37 Responses

  1. Catherine Jacobs
    Catherine Jacobs Published |

    Thank you this will come in handy.

    Reply
  2. johnbillion
    johnbillion Published |

    You could also achieve the same thing without filters (not because it’s better or worse, just different).

    function my_plugin_capability(){
        if ( function_exists( 'members_get_capabilities' ) )
            return 'edit_my_plugin_settings';
        else
            return 'manage_options';
    }
    add_submenu_page( $parent_page, $page_title, $menu_title, my_plugin_capability(), $file, $function );

    Haven’t had a chance to properly try out this plugin yet Justin but it looks very promising. Keep up the good work.

    Reply
  3. johnbillion
    johnbillion Published |

    I’d like to suggest an alternative method for this which is simpler and potentially allows effortless compatibility with other role management plugins. I’m not that good at explaining things so bear with me :)

    The aim is to get rid of the if ( function_exists( '...' ) ) checks inside plugins that want to utilise custom capabilities. It makes compatibility with other role management plugins a pain, as you need a check for each role management plugin that’s available. Not ideal.

    To avoid this, one common filter could be used (in an ideal world this would be used by all role management plugins) that gets filtered by the currently installed role management plugin, not by the plugin that wants to use custom capabilities.

    add_submenu_page( $parent_page, $page_title, $menu_title, apply_filters( 'use_custom_capability', 'manage_options', 'edit_my_plugin_settings' ), $file, $function );

    Note the parameters in the call to apply_filters. The usual parameter is the default capability that will get used when no role management plugin is used. The second is the capability that will get used if there is one (eg. if Members is installed).

    This method requires the following addition to the Members plugin, but once added would form a solid system for allowing plugins to utilise custom capabilities if any role management plugin such as Members is installed.

    function use_custom_capability( $default, $custom ) {
    	return $custom;
    }
    
    add_filter( 'use_custom_capability', 'use_custom_capability', 10, 3 );

    This function simply returns the custom capability, nothing else. If this code was used in other role management plugins, plugins would isntantly have compatibility with all the role management plugins without needing to perform a check for each one (the if ( function_exists( '...' ) ) stuff above).

    Finally, with regard to Adding the capability to the role edit page, if this filter was given a more generic name (such as ‘get_capabilities’ if that doesn’t already exist) then other role management plugins could use this method for adding custom capabilies to a role administration screen.

    Suggestions?

    (P.S. a Preview button on your blog comment box would be great)

    Reply
  4. johnbillion
    johnbillion Published |

    Your code makes the assumption that only one admin menu page that only needs a single capability exists for the second plugin.

    Hmm, not following you here.

    apply_filters( 'use_custom_capability', 'manage_options', 'edit_my_plugin_settings' )

    The above code could be used multiple times in a plugin wherever a capability check occurs. Eg.:

    // admin menu 1:
    add_submenu_page( $parent_page, $page_title, $menu_title, apply_filters( 'use_custom_capability', 'edit_posts', 'edit_my_plugin_description' ), $file, $function );
    // admin menu 2 with higher permissions:
    add_submenu_page( $parent_page, $page_title, $menu_title, apply_filters( 'use_custom_capability', 'manage_options', 'edit_my_plugin_settings' ), $file, $function );
    Reply
  5. johnbillion
    johnbillion Published |

    Obviously my suggestion is also an ideal world solution, where every role management plugin uses the same filter and every plugin that wants to allow custom capabilities does the same! I don’t think OSS projects are renowned for having widely implemented standards.

    I think my brain has been fried for the past few days.

    Tell me about it. I’m surprised anything I say at the moment makes sense. I’m working with multiple custom taxonomy intersections in queries (and hoping a patch for WP will come out of it all).

    Reply
  6. CG
    CG Published |

    could this be made into a plugin so that different users can be limited to see a different back end… depending on their role?

    Reply
  7. CG
    CG Published |

    I agree… I know of a plugin that ‘hides’ some menu items but it does so for everyone including the admin.. pity there’s not something that can hide menus according to XYZ.. that would be ideal…

    Reply
  8. Steve @ Annuity
    Steve @ Annuity Published |

    Thank you for the plugin. It should be very useful with custom capabilities.

    Thanks,
    Steve

    Reply
  9. Alfred
    Alfred Published |

    I’m going to sound like a jerk for asking, but as a computer illiterate who likes blogging, is there an easier way to do this? By easier I mean… less hands on…

    Reply
  10. MacBoy
    MacBoy Published |

    Without modifying a plugin, what code can I drop into my theme’s functions.php file to get the same net effect?

    I have a dual-goal:

    1. Don’t modify plugins to stay in sync with changes.

    2. Restrict (allow) each role to the necessary set of capabilities provided by core WP and by each plugin

    Perhaps the theme-based approach via functions.php might be a reasonable approach. From your example code, is all that “droppable” into functions.php ?

    Reply
  11. oliver
    oliver Published |

    Thank you for making our lives simple and easy…. i liked this plugin and would love to use it on my website.

    Reply
  12. Michael Langham
    Michael Langham Published |

    Most excellent plug-in Justin.

    Just ran it through its paces and not only was it easy to set-up, but the action/alert items right after activation were helpful reminders.

    Quick question– I’m also utilizing the Calendar plug-in. It has a feature that offers the admin to designate which lowest user rating has access to the calendar.

    After creating a role via Members, it was not recognized via Members.

    I’d like ultimately to offer editing of the calendar items only, with no other posting/editing access to certain users.

    I’m not sure after reading this article if this is something that can be set via your plug-in. Is it just too late on a Friday for me to have grok’d it, or can you point me in the right direction.

    Thanks again for an Excellent plug-in offering. It’s already gone into my folder labeled “must-have-plugs”, and has also gone on my writing list of items to review in my blog.

    Have a great weekend.

    Michael

    Reply
  13. Michael Langham
    Michael Langham Published |

    Ack:

    After creating a role via Members, it was not recognized via Members.

    I meant to say “…it (role) was not recognized by Calendar”

    Like I said, too late on a Friday night.
    Thanks again.

    Reply
  14. leen
    leen Published |

    Hi,thanks fot yoy MEMBER plugin!

    Making private pages is a piece of cake now!
    I do have 1 question tough: I want to make a detail (not private) page that can be updated by one user only (with specific role).
    So I make a capability ‘edit_member1_page’. But this doesn’t work. Do you have any suggestions..? thank you very muc,
    leen

    Reply
  15. Michael Langham
    Michael Langham Published |

    Hello again Justin.

    The ‘calendar plug-in’ author has responded with the following info with regard to your suggestion that they employ “$wp_roles variable or the WP_Roles class rather than assuming that everyone uses the default roles” in your above reply to me.

    For perusal, should you or others enjoy, is the link to the forum post:

    View topic – Is Update planned to utilize WordPress roles system? http://j.mp/6n5rY

    Reply
  16. Michael Langham
    Michael Langham Published |

    OOpah.

    Here was his response:

    Kieran wrote:
    Possibly. The next major version will see an improvement to the permissions system, whether it will integrate with roles or not is a different matter. The more API documentation is provided to me in this thread, the more likely it is – I only understand the default permissions in WordPress at this point, hence their use in the plugin.

    Reply
  17. Michael Langham
    Michael Langham Published |

    I guess I should have actually posed the question to this thread as to

    “Where might Tieren get more information regarding codex for his plug-in’s revision so as to include “$wp_roles variable or the WP_Roles class” per Justin’s suggestion.

    I’ll do the legwork for him if for no other reason than to pay-it-forward.

    Thanks in advance.

    Michael

    Reply
  18. Melody: Sanitary Connector
    Melody: Sanitary Connector Published |

    Thanks for walking through the capabilities of your plug-in. Frankly, I have a moderate amount of technical knowledge (probably just enough to get into trouble), but your direction was quite clear. I maintain a blog with about a dozen writers some of whom really create a mess. I plan on looking more closely at using your plug-in to prevent some recent nightmares.

    Reply
  19. Eurolappen @ Fahrschule Tschechien

    Again a very great plug in. Thank you for sharing your great talent and knowledge with us.

    Reply
  20. TOEIC
    TOEIC Published |

    It looks great but my concern is… what would your wordpress become? Would your scipts be overwritten by any new auto updates you may want to do? How do you agree those things

    Reply
  21. Rich
    Rich Published |

    Hmmm…I can apply it for my new site and I really appreciate your time for sharing it with us. I have been reading your posts and it’s really amazing how you can help people like me. Thanks a lot.

    Reply
  22. Gabriel
    Gabriel Published |

    Hi, I am just starting in this plugins development and I am getting a little desperate. So if anyone here knows how to add to the Members plugin the capability to choose an admin to be able only to change some of the plugins that are installed on the theme, please let me know and how much will it cost.

    For example I want one of the admins to be able to manage the options of three different plugins but not all the plugins that I have installed.

    Reply
  23. Gabriel
    Gabriel Published |

    BTW I forgot in my previous post but you can send me an email if you can help me with it.

    Reply
  24. Margarida Fernandes
    Margarida Fernandes Published |

    Just wanted to thank you for this plugin. I am just sorry I am not a professional developer, and that other developers don’t follow what you suggest here, so that I could take more advantage of your plugin and have more flexibility. But still this has helped me in my blog a lot.

    Reply
  25. The Father
    The Father Published |

    I plan on having a lot of members. I am wondering what each role permission does specifically. I really appreciate the plugin and I think it is very useful so far. I know what most of the role permissions do but some of the AOC_ permissions are unclear to me. Also, I just added a new member and he is not showing up on my public members list(siege community) but the one I added before has shown up. Thanks in advance for your help and please keep up the exceptional work.

    Reply
  26. trusktr
    trusktr Published |

    Very superb! If only features like these could be added to the core of wordpress by awesome designers like you!

    Reply
  27. JLeuze
    JLeuze Published |

    I’m trying to add custom capabilities to a plugin of mine to change the capability that gives access to the plugin options page and I ran into a couple of issues. First it doesn’t look like the “members_plugin_init” function exists in version 0.2 of the Members plugin? I checked for the “members_get_capabilities” function instead and that worked for me.

    The other bigger issue was that even though I can give any role with the custom capability access to the options page, they can’t actually make any changes to the options unless they also have the “manage_options” capability.

    From this ticket it looks like this is a known issue. Do you know of another way to do this, or was this meant to be more of a proof of concept then a functioning example?

    Reply
  28. Mj
    Mj Published |

    Nice tip Justin

    Thanks for sharing the tip and your handy plugin.

    Cheers

    Reply

Leave a Reply

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/Web site in attribution.

Please use your real name or a pseudonym (i.e., pen name, alias, nom de plume) when commenting. If you add your site name, company name, or something completely random, I'll likely change it to whatever I want.

css.php