Friday afternoon, I released Role Scoper 1.0.4 to address the following issues:

• BugFix : XML-RPC support (ScribeFire, WLW) was broken for non-administrators
• BugFix : exclude_tree argument was ineffective in get_terms / wp_list_categories call
• BugFix : Category Restrictions were not inherited upon new category creation
• BugFix : User groups were unusable on DB servers that do not support default value on text columns
• BugFix : Page Parent filtering was broken for Quick Edit
• BugFix : Option "role assignment requires blog-wide editor role" was only requiring blog-wide contributor role
• BugFix : Option "role assignment requires blog-wide editor role" did not suppress Roles, Restrictions sidebar menu
• BugFix : In Edit Post form, non-editors could see / select other users as "author"
• BugFix : invalid Category / Object role edit links displayed in user profile for non-editors in some configurations
• BugFix : Role Scoper Options inaccessable to administrator with WP 2.8.1
• Change : Deny implicit comment moderation rights to Authors if they lack moderate_comments cap
• Change : Moved option "Role administration requires a blog-wide Editor role" to main Options tab

Sadly, in addressing the WP 2.8.1 "explicit permissions" issue for RS Options, I broke all the other Roles and Restrictions menu links for administrators.  This is fixed in Role Scoper 1.0.4.1

My apologies for the inconvenience to those who downloaded 1.0.4.  Would the person who punished me with a negative plugin rating consider giving it another try?

Role Scoper 1.0.3.4 solves the mystery of plugin deactivation following use of the WordPress "update automatically" feature.  More precisely, it causes Role Scoper to be successfully reactivated following that update.

For the technically curious… the failure was due to WordPress' detection of a supplemental Role Scoper file (version_notice_rs.php) as a main plugin file.  This was due to the presence of '|Plugin Name:' in version_notice_rs.php, where it is used in a regular expression match to extract the plugin name for other plugins which may have Role Scoper extensions available.  The WordPress function get_plugins()  took that as proof of a "plugin file", and logged it ahead of role-scoper.php alphabetically.  The WordPress function wp_update_plugin() assumes that the first logged "plugin file" is the one to re-activate.  I solved this by moving version_notice_rs.php into a deeper subdirectory, as function get_plugins() only looks one level deep.

Note, the first time an auto-update is run, you may see the following nuisance error message:

The plugin role-scoper/admin/version_notice_rs.php has been deactivated due to an error: Plugin file does not exist.

Please ignore that message, which is simply a purging of the imaginary plugin out of WordPress' memory.

Those who have already activated Role Scoper 1.0.2 or higher do not need to run this update.  The only other change is a correction to the Roles and Restrictions menu locations with WordPress 2.8.

It appears that the built-in WordPress plugin updater does not re-activate Role Scoper after an update, nor has it ever - even though the message says "plugin reactivated successfully".  Please manually re-activate Role Scoper as needed after such an update.

I'm currently trying to track down the cause of this failure.  Versions 1.0.2.1 through 1.0.3.2 are simply an effort to appease the auto-updater; sorry for any confusion.

I'm surprised that this has only now been reported.  Have others run the auto-updater with successful  auto-reactivation?

Role Scoper 1.0.2 addresses the various bug reports which have trickled in over the last 6 weeks.  These bugs are all minor in severity and/or affect only a minority of installations.  For details see the change log below.

The only significant new feature is an option to enter usernames or ids (for role assignment) via comma-separated text entry instead of by checkbox selection. This will be a performance and convenience enhancement for installations with over 100 users.

The full change log:

• BugFix : Template function is_restricted_rs / is_exclusive_rs was non-functional on home page (since rc9.9311)
• BugFix : With Attachments Filter enabled, attachments larger than 10MB fail to download on some installations
• BugFix : Fatal Error when viewing a single post entry after RS Options modified to disable front-end filtering
• BugFix : Auto-delete orphaned role assignments left in DB by previous versions following category / group deletion
• BugFix : After an empty group was deleted, its role assignments were left in the database
• BugFix : Event Calendar events without an associated post were not displayed without calendar refresh
• BugFix : Post Restrictions and Post Roles did not display on PHP 4 servers
• BugFix : In Post/Page Edit Form, Author selection was inappropriately available to non-editors
• BugFix : Orphaned role assignments already stored to database will be autodeleted on RS version update
• BugFix : If the object type of a requested attachment parent cannot be determined, assume post
• BugFix : Teaser message displayed in header with some themes
• BugFix : http authentication prompt for RSS feeds with logged administrators on some installations
• BugFix : Hidden Editing Elements settings were not effective for unpublished posts/pages
• BugFix : If a memberless group was deleted, any assigned roles were left (orphaned) in the database
• Plugin : Conflict with WP-Wall plugin caused non-listing or double-listing of wall comments
• Feature : Option to accept CSV entry for user role assignment
• Feature : Bottom-right submit button on bulk admin forms if SCOPER_EXTRA_SUBMIT_BUTTON is defined

It's about time for me to decide whether to continue the career re-invention in web development or back-burner it and refocus instead on growing and selling food in healthy ways.  Since I'm not in a position to pour a lot more time into credentialing or proving myself, this is a request for those familiar with Role Scoper to give me some advice on how the skills I demonstrate here might (or might not) help someone earn an honest living.  I'm looking for 15-40 hours per week, with a duration of 1 month to permanent.

At this point I'm not publicly linking my resume, but will gladly provide it on request. Here's the overview:

Rehabilitated engineering burnout seeks to re-establish a livable career by unleashing newfound WordPress mastery on projects of your choice. Although soft-spoken and courteous, I’m strongly self-motivated and insist on doing quality work I and my employer are pleased to answer for. A deep belief in freedom with responsibility is a defining motivation and influence on all my work.

…and the short but dense portfolio:

Role Scoper - WordPress plugin provides CMS-like control of reading and editing permissions. Content-specific restrictions and roles. User Groups, Attachment Filtering, plugin API. Required extensive relational DB design and query building.

Plow Creek Farm website - a heavily hacked customization of WordPress 1.5 and the Almost Spring theme. This site, ported from static html, demonstrates my sense of graphic layout, functionality, writing and editing.

Tiskilwa Library website - a simple custom site for a small public library. FTP upload scripts and for inclusion of FrontPage-edited content by non-technical administrator.

Role Scoper 1.0.1 is now available to address the following issues:

• BugFix : In some situations, non-attachments were included in Media Library listing
• BugFix : Low level users could not edit uploads from Media Library based on a Post/Page/Category role assignment
• BugFix : Cannot set static front page with Role Scoper activated
• BugFix : Users with editing role via Page / Category assignment could not bulk-delete posts/pages
• BugFix : Post/Page Edit divs configured as Hidden Editing Elements were not hidden for draft posts/pages
• BugFix : After a group was deleted, its role assignments were left in the database
• BugFix : PHP warnings viewing users list with WP < 2.8
• Change : WP 2.7 users with hacked WP template.php user_row code must define("scoper_users_custom_column", "true");
• BugFix : Failed to return results for manual WP_Query calls which include category exclusion argument
• BugFix : Role Scoper error messages were formatted with unreadable colors with WP 2.7
• BugFix : Conflict with ozhAdminMenus plugin, Page menus missing in some configurations
• BugFix : Conflict with WP-Wall plugin caused fatal error
• Feature : Options to hide User Groups, Scoped Roles from user profile

After 10 months of beta development and debugging, Role Scoper 1.0.0 is now a stable release in the WordPress Plugins Directory.  Many thanks to the hundreds of current users, especially the dozens of you who have contributed to this project with informative bug reports, thoughtful feature requests and pertinent usage questions in the support forum.

The last round of development versions (culminating in this release) included dozens of bug fixes and extensive performance enhacements to reduce memory usage.  To identify changes and fixes since your current version, see the change log in the role-scoper plugin directory, or here.

Some of you may have noticed that since installing Role Scoper Release Candidate 9, WordPress has stopped storing Post Revisions.  In reality, the revisions were stored but a recently added Page Parent filter had the side effect of wiping out the legitimate post_parent value, which WordPress uses to tie a revision to the corresponding published post ID.

Today's Role Scoper update corrects that error.  Any existing revisions stored since your installation of Role Scoper rc9 will remain unavailable unless you use a database editor/query to manually edit their post_parent value to the corresponding post ID.

This revision also fixes a few other minor bugs.

• BugFix : Post revisions not saved correctly (post_parent value set to 0), since rc9

• BugFix : PHP warning for htmlspecialchars_decode() when using RSS feed teaser message on a translated site
• BugFix : Tags filter did not support name__like, search arguments

• BugFix : PHP warning for array_diff_key() when calling get_categories with fields=ids

Role Scoper rc9.9215 is now available to fix several bugs.  They will not apply to everyone, but are probably driving you crazy if they do.  Most of the issues are implementation-specific or even server-specific.

Most significantly, Category Restrictions could become ineffective if Role Scoper's db cleanup code failed following a Category deletion.  (That cleanup code was strengthened in rc9.9212).  If a logged user had orphaned Category Roles equal to or greater than the number of restricted categories, no Category Restrictions were applied for that role.

In addition, on some server configurations, the Hidden Content Teaser spewed PHP warnings and/or was completely nonfunctional.

new fixes in rc9.9215:

• BugFix : Filtering for tag cloud did not prioritize top tags by usage
• BugFix : Further precautions against duplicate comment listings / multiplied comment counts (but currently corrupted comment counts will remain so until next comment storage)
• BugFix : Logged users with a WP role setting of "no role" were blocked from everything
• BugFix : In user profile, assigned roles were sometimes repeated in "contains" list

from v 1.0.0-rc9.9214:

• BugFix : Category Restrictions not applied if logged user has orphaned Category Roles equal to the number of restricted categories
• BugFix : PHP warning for htmlspecialchars_decode() when using Hidden Content Teaser with WordPress translation enabled
• BugFix : On some server configurations, Hidden Content Teaser was not effective at all (since rc8.9116)
• Perf : On some server configurations, redundant db queries.

Anyone using default Restrictions for Categories, Pages or Posts should upgrade to today's updated Role Scoper version.  Beginning with RC9.9211, a new bug in the Bulk Restriction administration form prevented the correct display of the "restricted" caption when a default restriction has no corresponding unrestrictions.

Your existing restrictions were not affected, but administration became very confusing with the conditionally incorrect captions.