In my testing this works OK. But if you have these settings:
Can See Submission data -> Editor
Can See Submission data when using shortcodes -> Administrator
then an editor does see those admin menu items. “Can See Submission data when using shortcodes” is only checked if the user does not have permissions for “Can See Submission data”.
Double check and see if that is the case on your site. If not, let me know.
Yes, that actually is what I meant 🙂
IF
Can See Submission data -> Editor
Can See Submission data when using shortcodes -> Administrator
Allows an Editor to see the ‘Database Short Code’-menu and use and test the ‘Export and Short Code Builder’.
I now understand it’s intended to work like this, correct?
Yes, that is the intended behavior (I agree that is not entirely obvious).
To be clear, if a user has ‘Can See Submission data’ then the value of ‘Can See Submission data when using shortcodes’ is irrelevant to him, because he already has access to it.
‘Can See Submission data’ was put in first to provide some security, but once I added short codes, people generally wanted anyone to be able to see the output of a short code on a pages/posts but not necessarily be able to get into the admin page and see all the data and potentially delete it. So I then added ‘Can See Submission data when using shortcodes’ .
Yes, I see. I thought it was the other way around 🙂
That it was possible to ‘Can See Submission data’ without ‘Can See Submission data when using shortcodes’. But now I understand. Thanks for the explanation and the great plugin 🙂
For anyone that wants to remove the ‘Database Short Code’-submenu for non-admin users, add the following code to your themes functions.php file:
function remove_CF7DB_submenu () {
global $current_user;
if (!current_user_can('manage_options')) {
global $submenu;
unset($submenu['wpcf7'][2]);
}
}
add_action('admin_menu', 'remove_CF7DB_submenu');
