Support » Plugin: Application Passwords » Restriction on creating application passwords

  • So this is not exactly a huge problem but I still wanted to mention it (and provide a solution if anyone else is interested). Currently all users are able to add application passwords through their profile and this is not necessarily something desirable for setups with plenty of non technically inclined users. It’s just a source of confusion.

    What I did to solve this issue is restrict displaying the application passwords profile section to users that have the ‘manage_options’ capability. I added this to a custom plugin:

    //Make sure we are late enough to remove actions
    add_action('admin_init', function() {
        //Restrict setting up application passwords to site managers
        if(!current_user_can('manage_options')) {
            remove_action( 'show_user_profile', [ Application_Passwords::class, 'show_user_profile' ] );
            remove_action( 'edit_user_profile', [ Application_Passwords::class, 'show_user_profile' ] );
        }
    });
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Restriction on creating application passwords’ is closed to new replies.