Support » Fixing WordPress » Problem Roles Privacy

  • Resolved pewito

    (@pewito)


    Hello good afternoon, I have a very specific question to see if you can help me please.

    Is it possible that a user with the role of “Author” can only change the privacy of the Pages ?. That I can change it from Public to Private. I don’t want you to edit the content of the page.

    I’ve tried several Roles Editor plugins but it doesn’t leave me something so concrete.

    Thank you!

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator bcworkz

    (@bcworkz)

    The private setting changes who sees the page, not who can edit the page. Authors can normally edit their own pages any time they please. If you want to prevent that, you could use a roles and capabilities plugin like “Members” to remove the “edit_published_pages” capability from the role.

    Hi, thanks for answering. The idea is that the Administrator publishes pages, and those who have the role of Author can only change the privacy of those pages, make it public or private.

    Tomorrow I check to see if editing that role I can do it. I’ll tell you to see if it worked. thank you very much. You’re so kind.

    Hi @bcworkz. I have tried to remove that permission from the “Author” role, and it is great because I cannot modify the page, but neither does it let me do what interests me, so that the user with the “Author” role can change the page to private or public.

    Can you think of any other way?

    Moderator bcworkz

    (@bcworkz)

    Oh, I see what you’re after now. I misunderstood who and why the visibility is changed. The visibility setting is tied to the same capability and difficult to separate out. All I can think of is adding a separate UI element that allows changing visibility despite the lack of edit published pages capability. Such as a custom meta box that toggles the setting via Ajax. Custom PHP code always has full capabilities and it’s possible to alter things without checking capability.

    It’s not a good UX to have two things doing the same thing where one works and the other doesn’t, but it would be a viable workaround. Even if the custom code does not check for the proper capability, it should at least verify the page being altered is authored by the current user.

    First of all thank you very much for your help. I see that it is more complex than I imagined. I will talk to my boss and tell him everything.

    A cordial greeting.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.