Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Improved roles support #151

Closed
DaWoblefet opened this issue Nov 29, 2021 · 3 comments
Closed

Feature Request: Improved roles support #151

DaWoblefet opened this issue Nov 29, 2021 · 3 comments
Labels
enhancement

Comments

@DaWoblefet
Copy link

DaWoblefet commented Nov 29, 2021
edited

Love the tool! I have a couple feature requests. First, it would be nice to be able to toggle permissions for the plugin in the tool's settings, as a convenience feature instead of hooking into the aal_init_roles filter. Just a QoL thing.

Second, when using the aal_init_roles filter, it doesn't actually hide the plugin from the user in the menubar. It does restrict their access, but it'd be nice to properly remove the plugin when they don't have the correct role. So instead of:

image

it's more like this, where it's not displayed at all:

image

This is the associated code snippet I'm using to model the behavior above. Of course, this would need to be adjusted to handle what roles are actually allowed.

function hide_activity_log_from_editors() {
    global $user_ID;
    if (!current_user_can('administrator')) {
        remove_menu_page('activity_log_page');
    }
}
@KingYes
Copy link
Member

KingYes commented Feb 16, 2022

Hi @DaWoblefet,

Regarding your first request, for now, we will not add it to the settings page.

About the menu item, you should use our custom user capability view_all_aryo_activity_log. The aal_init_roles filter is designed for which items a user may watch and which they may not.

@DaWoblefet
Copy link
Author

DaWoblefet commented Feb 16, 2022
edited

@KingYes,

I checked and our "editor" role does not have that capability. I ran a var_dump of get_role('editor') and view_all_aryo_activity_log was not in the capabilities array. However, users with the editor role can still see Activity Log in the sidebar. If I assign the "editor" role that view_all_aryo_activity_log capability, then it just looks like it bypasses the aal_init_roles filter. So it doesn't remove it from the sidebar.

Just from a quick look through the codebase, it appears that if the view_all_aryo_activity_log capability is not set, it uses the edit_pages capability as a fallback, which is not what I want to happen since I only want administrators to be able to view the Activity Log on my site. But this fallback permits Editors to view the site. See line 14 of classes\class-aal-admin-ui.php:

$menu_capability = current_user_can( 'view_all_aryo_activity_log' ) ? 'view_all_aryo_activity_log' : 'edit_pages';

@KingYes
Copy link
Member

KingYes commented Apr 1, 2024

Fixed by #205

@KingYes KingYes closed this as completed Apr 1, 2024
@KingYes KingYes mentioned this issue Apr 1, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@KingYes @arielk @DaWoblefet