I'm pleased and relieved to announce the launch of Press Permit, a new content permissions engine for WordPress. It's a structural overhaul that warrants being called a new plugin. Many of the longstanding requests/complaints about Role Scoper needed this type of a re-invention. The restriction model is entirely new, based on custom post statuses and therefore better integrated with the WP core. You can use it to implement 2-tier moderation as discussed in this WP trac ticket. Other major new features are content role assignments to BuddyPress groups and bbPress 2 support.

Note that some Role Scoper features are not currently provides. Hidden Content Teaser and other membership-related functionality await implementation in a membership extension tentatively planned for 2012.

Press Permit is offered as a premium plugin, with the initial download, auto-updates, forum support and (eventually) documentation tied to the purchase of a 12-month support key.  Details at presspermit.com

Please accept my apologies for being so unresponsive for the last few weeks. I just had too much on my plate and too much invested to let it slip. This does not mean I'm dropping Role Scoper. I plan to put out an RS update soon to publish fixes already in the dev code, review your queued forum posts and address any WP 3.3. issues. Moving forward, I intend to keep RS compatible with current and upcoming WP versions but new development and priority support will go to Press Permit.

Next priority: sleep and rest. Some further patience may be required as a ease back into a sustainable pattern of plugin support following this website launch.

Some users who upgraded to Role Scoper 1.3.36 will need to manually move or delete the plugin files to restore plugin operation.  The problem is with the directory structure of the version 1.3.36 zip file - not with the code itself.

For approximately 4 hours today, the Role Scoper download zip file had files nested in an extra directory: role-scoper/role-scoper instead of role-scoper.  The result of this was:

• plugin deactivation
• disappearance of Role Scoper from the wp-admin Plugins list
• inability to reinstall or update Role Scoper via wp-admin

Those who have incurred this misfortune will need to either:

• manually move all files from wp-content/plugins/role-scoper/role-scoper to wp-content/plugins/role-scoper

- or -

• delete the folder wp-content/plugins/role-scoper, then reinstall via your WordPress admin panel

A serious conflict has been identified between the Role Scoper and Edit Flow plugins.  Edit Flow defines a custom taxonomy called "post_status".  The problem occurs when Role Scoper Options are configured to support term-specific Roles and Restrictions for this taxonomy.  Under those conditions, when a new or existing post is saved with "Private" visibility, the visibility is changed to "Public".

This occurs with all versions of Role Scoper, but only when the Edit Flow plugin is also active.

The workaround is to modify Role Scoper Options as follows.  Navigate to Roles > Options > Realm.  In the "Taxonomy Usage" section, uncheck "post_status".  Then click the Update button.

Role Scoper version 1.3.34 is also available to eliminate the conflict. Following the workaround or version update, you will still need to manually change any affected posts/pages back to Private visibility and re-save them.

The full change log for this version:

• Compat : Edit Flow - if 'post_status' taxonomy enabled for RS Filtering, editing a Private post forced it to Public visibility

• BugFix : Non-Administrators could not edit categories if Post Tags enabled for RS filtering

• BugFix : Links were not displayed to non-Administrators if multiple sort fields specified in get_bookmarks() call

Some technical details on the source of this conflict are discussed here.

A Role Scoper plugin update (version 1.3.28) is now available to address the following issues:

WP 3.1

• BugFix : Role Options, Role Defaults menu items were not available on 3.1 multisite
• Feature : Filter "Add New" links out of WP Admin bar if user lacks site-wide capability

Navigation Menus

• Feature : Nav Menu Manager role can be assigned to users who do not have edit_theme_options capability
• Feature : Nav Menu Manager role can be assigned site-wide
• Feature : For Nav Menu Management, option to list only user-editable content as available items
• BugFix : Nav Menus displayed categories even if no posts readable

Miscellaneous Bug Fixes

• When editing is based on category, could not upload files into edit form prior to saving post
• Non-administrators could not add a non-hierarchical custom term to post if taxonomy is included in post type registration
• Internal Cache (and therefore permissions) did not refresh when an existing user's role is changed
• Default roles were not applied at Page / Post creation
• In wp-admin, Page menu not visible while editing a post if page editing access is not site-wide
• Duplicate entries in Author dropdown if RS editing roles have been assigned to WP role groups
• Did not support meta_key without meta_value in get_pages call (or vice versa)

Category Listing (front end)

• BugFix : New categories were not listed until Role Scoper re-activation, under some configurations
• Change : Support post_type argument in get_terms / wp_list_terms function call

Category Management

• Feature : Category Assigner role does not grant post creation/editing capabilities but specifies categories which are assignable to any user-editable post regardless of post ownership or status
• BugFix : Term-specific management roles did not grant editing access
• Change : Term-specific management role also grants ability to create child terms
• BugFix : Non-administrators could not delete categories

Plugin Compatibility

• NextGEN Gallery - with versions 1.7+, error when uploading images as a non-Administrator
• Grand Flash Gallery - error when uploading images as a non-Administrator
• More Types: support late registration of post types by automatically forcing RS to initalize later
• Simple Fields plugin - non-Administrators could not use custom field file uploader
• Quick Post Widget - categories were not filtered
• When plugin or theme code forces autologin, RS filtering does not reflect it until the next http request

Sites using Role Scoper 1.3.x to selectively allocate page editing access to non-Editors should upgrade to version 1.3.12 to avoid having stored page parent values corrupted.

In some cases, this bug caused the parent value to be set to one of the page's descendants… yielding infinite loops in the Edit Pages listing.  I will post a cleanup script soon.  If you suspect this has affected your site and cannot wait for an automatic recovery, use phpMyAdmin (or the Adminer plugin) to set the post_parent of suspect posts to zero.

The full change log for this version:

• BugFix : Page Parent automatically changed (possibly to an invalid selection) when a page is edited by a limited user who cannot fully edit current parent

• BugFix : Category Manager restrictions were not applied for WP Editors

• BugFix : "Navigation Menus" checkbox displayed inappropriately in Roles > Options > Realm > Taxonomy Usage

• BugFix : Invalid filtering results after other template/plugin code manually changed current user via call to wp_set_current_user

• Change : Default to requiring site-wide Editor or Administrator role for role/restriction assignment

• Compat : Revisionary - Was causing duplicate checkboxes for Pending Revision Notification in some cases

• Compat : Revisionary - Some qualifying users were not included in Pending Revision Notification checkboxes if internal cache was disabled

• Compat : Revisionary - All authors to see and edit revisions submitted on their posts (unless HIDE_REVISIONS_FROM_AUTHOR is defined)

Role Scoper 1.3.6 is now available.  It fixes a security hole in RS 1.3.x when using Reader Restrictions without setting post status to "Private" visibility.  Sites restricting access via "Private" setting are not affected.  See the full change log below:

• BugFix : Post previews for qualified users failed with "Not Found" error

• BugFix : For template calls to get_terms() / get_categories() / wp_list_categories(), include argument was not handled correctly (since 1.0)

• BugFix : Fatal Error for logged Administrators (undefined method merge_scoped_blogcaps) in some cases

• BugFix : Reader role restrictions not applied in some situations

Role Scoper 1.3.4 is now available to correct a conflict with the Revisionary plugin which was introduced in the previous RS version:

• Compat : Revisionary - Posts were blocked from front-end display if both Role Scoper and Revisionary enabled

This Role Scoper update only pertains to sites which also use Revisionary.

Role Scoper versions 1.3.3 and 1.2.12 (for WP < 3.0) are available to fix the following plugin conflicts:

• Compat : Smart YouTube (and other plugins that execute a posts query joined to comments table) - database error

• Compat : Revisionary - Pending count and links were not displayed in Dashboard Right Now or Edit Posts listing if revisor capability is by term or object role assignment

• Compat : Revisionary - Non-Administrators receive Not Found error for revision preview

If you do not run Revisionary or Smart YouTube, there is no need to upgrade RS from the previous version.

Role Scoper 1.3.2 update is available to correct the following bugs:

• BugFix : Post counts, term counts, comments and attachment counts were not filtered within wp-admin for non-Administrators (since 1.3.1)

• Compat : Revisionary - users could not submit or edit revisions based on Contributor role direct-assigned for post

Minor updates to today's Role Scoper releases are now available: Role Scoper 1.2.10 and 1.3.1.

This update only pertains to sites using the Role Scoping for NextGEN Gallery extension plugin:

• Compat : Role Scoping for NextGEN Gallery - Gallery Authors could not manage a gallery after creating it