Granular editorial access control for all post types in WordPress
PHP Shell JavaScript CSS
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
bin
bower_components/chosen_v1.1.0
build
classes
js
languages
scss
tests
.editorconfig
.gitignore
.travis.yml
Dockunit.json
Gruntfile.js
README.md
bower.json
composer.json
editorial-access-manager.php
package.json
phpunit.xml
readme.txt

README.md

Editorial Access Manager Build Status

Allow for granular editorial access control for all post types in WordPress

Purpose

A simple plugin to let you control who has access to what posts. By default in WordPress, we can create users and assign them to roles. Roles are automatically assigned certain capabilities. See the codex article for a list of Roles and Capabilities. Sometimes default roles are not enough, and we have one-off situations. Editorial Access Manager lets you set which users or roles have access to specific posts. Perhaps you have a user who is a Contributor, but you want them to have access to edit one specific page? This plugin can help you.

Installation

Install the plugin in WordPress, you can download a zip via Github and upload it using the WP plugin uploader.

Configuration

There are no overarching settings for this plugin. Simply go to the edit post screen in the WordPress admin and configure access settings in the "Editorial Access Manager" meta box in the sidebar.

Managing Access by Roles

In the "Editorial Access Manager" meta box, enable custom access management by "Roles". Once enabled, the post can only be edited by users that fall into those roles. However, no matter what, the Administrator role can always edit any post. This if for safety reasons. You can also only use roles that have the "edit_posts" capability; therefore "Subscriber" by default cannot be used.

Managing Access by Users

In the "Editorial Access Manager" meta box, enable custom access management by "Users". Once enabled, the post can only be edited by designated users. However, no matter what, any administrator can edit any post. This if for safety reasons. You can also only use users that have the "edit_others_posts" capability; therefore "Subscriber" users by default cannot be used.

Development

Setup

Follow the configuration instructions above to setup the plugin. I recommend developing the plugin locally in an environment such as Varying Vagrant Vagrants.

If you want to touch JavaScript or CSS, you will need to fire up Grunt. Assuming you have npm installed, you can setup and run Grunt like so:

First install Grunt:

npm install -g grunt-cli

Next install the node packages required by the plugin:

npm install

Finally, start Grunt watch. Whenever you edit JS or SCSS, the appropriate files will be compiled:

grunt watch

Testing

Within the terminal change directories to the plugin folder. Initialize your unit testing environment by running the following command:

For VVV users:

bash bin/install-wp-tests.sh wordpress_test root root localhost latest

For VIP Quickstart users:

bash bin/install-wp-tests.sh wordpress_test root '' localhost latest

where:

  • wordpress_test is the name of the test database (all data will be deleted!)
  • root is the MySQL user name
  • root is the MySQL user password (if you're running VVV). Blank if you're running VIP Quickstart.
  • localhost is the MySQL server host
  • latest is the WordPress version; could also be 3.7, 3.6.2 etc.

Run the plugin tests:

phpunit
Dockunit

This plugin contains a valid Dockunit file for running unit tests across a variety of environments locally (PHP 5.2 and 5.5). You can use Dockunit (after installing it via npm) by running:

dockunit

Issues

If you identify any errors or have an idea for improving the plugin, please open an issue.