Resources

My Agape try

Your Agape try

News Categories:

Site search

Support Forum

You must be logged in to post Login Register

Search 
Search Forums:


 




Home Forums Role Scoper Support New Bug Blocks All Editing?

New Bug Blocks All Editing?
Page: 1
UserPost

10:41 pm
January 18, 2011


gopanthers

Member

posts 9
1

I know this was all working a few days ago and at least once in the past few days I've clicked the automatic upgrade button for this plugin and now it seems to all be messed up. 

Now, everybody who was assigned the role of editor for certain pages, still sees the Edit button on pages they're allowed to edit, but when they click the edit button (or if they try to edit the pages they have permission to edit from within the Dashboard) they get an all gray page with the words "You are not allowed to edit this item."  Nobody can edit anything anymore, but the system still recognizes which pages they should have access to edit.

11:02 pm
January 18, 2011


Kevin

Admin

posts 2503
2

Let me know what your configuration is so I can try recreating the symptom.

11:15 pm
January 18, 2011


gopanthers

Member

posts 9
3

If this is what you mean by configuration… I've only got three users set up as edtors on specific pages.  Two of them were added to a few specific pages via the options on that page.  And a different user is part of a group and that group is assigned to edit 5 or 6 specific pages.

http://agapetry.net/forum/role-scoper/basics-101/page-1/

It's been a few days since I tested it but I know it was working before because when you helped me before (see link) I had logged in then and confirmed it worked before.  But now every editor gets the list of pages they're allowed to edit in their Dashboard, but they only get that error message when they attempt it.

If you meant something else by configuration just let me know.  I have tried a few new plugins unrelated in the past day or two but I didn't like them so I actually deleted all of them anyway.  Otherwise, upgrading (a few different plugins) was the only change in the past few days.

If you'd like I can gladly set you up as a subscriber and then assign you as editor to a hidden test page to see if you get the same results that I've bee seeing.

Thanks.

9:28 am
January 19, 2011


Kevin

Admin

posts 2503
4

This proved to be a conflict with the PHP Execution plugin. For a workaround, see "Other Notes" in readme.txt (currently not displaying in the plugin directory for some reason).

5:19 pm
January 19, 2011


gopanthers

Member

posts 9
5

Thanks for your help.  You are right that PHP Execution was causing a conflict because with it disabled everything worked and with it enabled again I got those errors.

I found the workaround you referred to and made the two changes to PHP Execution.  Unfortunately it did not seem to fix the problem. Cry  Do I need to just chalk this problem continuing to the fact that both plugins continue to upgrade so a previous workaround just may not work anymore? 

—————————————————————————————-

Just to make sure I did this right…

Your Read Me file says:

change:
    add_filter('user_has_cap', array(&$this,'action_user_has_cap'),10,3);
           
to:
    add_filter( 'map_meta_cap', array( &$this,'map_meta_cap' ), 10, 4 );

That first part is a no brainer.  But the next part says:

replace function action_user_has_cap with :
    function map_meta_cap( $caps, $meta_cap, $user_id, $args ) {
        $object_id = ( is_array($args) ) ? $args[0] : $args;
        if ( ! $post = get_post( $object_id ) )
            return $caps;

        if ( function_exists( 'get_post_type_object' ) ) {
            $type_obj = get_post_type_object( $post->post_type );
            $is_edit_cap = ( ( $type_obj->cap->edit_post == $meta_cap ) && in_array( $type_obj->cap->edit_others_posts, $caps ) );
        } else {
            $is_edit_cap = in_array( $meta_cap, array( 'edit_post', 'edit_page' ) ) && array_intersect( $caps, array( 'edit_others_posts', 'edit_others_pages' ) );
        }

        if ( $is_edit_cap ) {
            $id = $post->post_author;

            if ( isset( $this->cap_cache[$id] ) ) {
                $author_can_exec_php = $this->cap_cache[$id];
            } else {
                $author = new WP_User($id);
                $author_can_exec_php = ! empty( $author->allcaps[PHP_EXECUTION_CAPABILITY] );
                $this->cap_cache[$id] = $author_can_exec_php;
            }

            if ( $author_can_exec_php )
                $caps []= PHP_EXECUTION_CAPABILITY;
        }

        return $caps;   
    }

At first I assumed that you meant to replace the whole section (below) with the all the code above (except the first line "replace function action_user_has_cap with :".

function action_user_has_cap($allcaps, $caps, $args)
    {
        global $current_user;
        // allcaps = all capabilities of the user
        // caps = capabilities to check along with args[0]
        // args[0] = current capability to check; args[1] = userID; args[2] = postID;
        #echo '<pre>' . print_r($caps,1) .'</pre>';
        #echo '<pre>' . print_r($args,1) .'</pre>';
        if($args[1] == $current_user->ID)
        {
            switch(true)
            {
                case($args[0] == 'edit_post' && in_array('edit_others_posts',$caps)):
                case($args[0] == 'edit_page' && in_array('edit_others_pages',$caps)):
                   
                    $author_can_exec_php = true; // till better info we expect the author to have rights to execute php code
                   
                    if( $args[2] && ($post = get_post($args[2])) ) // if postID is specified => check post->authors php execution rights
                    {
                        $id = $post->post_author;
                       
                        if(isset($this->cap_cache[$id]))
                        {
                            $author_can_exec_php = $this->cap_cache[$id];
                        }
                        else
                        {
                            $author = new WP_User($id);
                            $author_can_exec_php = $author->has_cap(PHP_EXECUTION_CAPABILITY);
                            $this->cap_cache[$id] = $author_can_exec_php;
                        }
                    }
                   
                    if( !$this->current_user_can_exec_php && $author_can_exec_php )
                    {
                        $allcaps['edit_others_posts'] = false;
                        $allcaps['edit_others_pages'] = false;
                    }
                    break;
               
                // The following 2 cases are if checked always checked together with the above ones !?!?
                // I've checked this for editing posts and pages in the general dialog.
                // As !!very wisely!! no authorID or postID is provided with a cap check for
                // edit_others_posts & edit_others_pages, one cannot tell who "the others" are
                // and thus we cant decide if they are allowed to execute php code or not.
                #case($args[0] == 'edit_others_posts'):
                #case($args[0] == 'edit_others_pages'):
                    #break;
           
            }
        }
        return $allcaps;
    }

Despite it not working, that made sense to me that that was what I was supposed to do.  But after it didn't work I tried to take the instructions literally and I replaced only function action_user_has_cap

with all of the replacement code.  But that REALLY didn't work and my entire site broke down.  Luckily I was able to fix it by simply downloading the PHP Execution plugin and re-uploading the one file that was changed.

Anyway, long story short, was I right in my first attempt to replace that entire section and not just the one line?

10:01 am
January 24, 2011


Kevin

Admin

posts 2503
6

Your first attempt (as described) was the right interpretation, and does work in my trial with the current versions of each plugin.

If you are concerned about the code edit, you can simply add function map_meta_cap (removing function action_user_has_cap is not crucial; it just becomes dead code).

You will also need to add the execute_php capability to any role which should be able to edit posts that were authored by another user who has that capability.
Page: 1
Topic RSS 

About the Agapetry forum

Currently Online:

15 Guests

Maximum Online: 150

Forums:

Groups: 2

Forums: 7

Topics: 1247

Posts: 5656

Members:

There are 1259 members

There are 1 guests


Kevin has made 2503 posts

Top Posters:

metal450 - 178

Ragnar - 108

YikYak - 70

whiteorb - 49

Daisy - 35

Administrator: Kevin | Moderators: Kevin