Resources

My Agape try

Your Agape try

News Categories:

Site search

Support Forum

You must be logged in to post Login Register

Search 
Search Forums:


 




Home Forums Role Scoper Support Role scope: pages visible to all if plugin fails?

Role scope: pages visible to all if plugin fails?
Page: 1
UserPost

2:51 am
November 25, 2009


gabimazz

Member

posts 3
1

Dear Kevin,

I'm testing Role Scope to create some pages visible only to certain group of user. I'm using now the 10% of plugin capabilities but I see that, as the site will grow, all the rest of the features will be useful for me.

My question is this: as these pages have sensitive information what would happen if for any reason the plugin fails to work? They will really be visible to everyone?

To try a test of  this  I deactivated the plugin to see what happen to the page with a read resctiction to a specific group. The result is that the pages turn visible to all.

I would prefere that all the pages which have any kind of restriction will not displayed to the public but only to the admin in the front-end and also in the back-end.

This is a strong point for security reasons. We know that plugins can fail for reasons (upgrades, conflict with new plugins etc) that developers can't foresee. But if someone restritct a page it means that the page must not be visible to all whatever happens.

Is there a way to have Role Scope working in this way?

Thanks

gabi

6:08 am
November 25, 2009


Kevin

Admin

posts 2503
2

gabimazz said:

I would prefere that all the pages which have any kind of restriction will not displayed to the public but only to the admin in the front-end and also in the back-end.

You can accomplish the front-end goal simpy by setting the page visibility to "Private". I am looking at adding the option to do this automatically when the Page Reader role is restricted. However, keep in mind that this will tend to incur conflicts with plugins and themes which force a "post_status = 'publish'" clause into the query. The get_posts() function does that by default. The next RS release will include a workaround for this issue.

To hide your restricted content in wp-admin, Role Scoper would need to remain active because there is no mechanism in the WP core to do that.

3:12 am
December 2, 2009


gabimazz

Member

posts 3
3

Thanks for your suggestion Kevin,

I see if following it I get problems. I will wait anyway for your next release.

gabi
Page: 1
Topic RSS 

About the Agapetry forum

Currently Online:

13 Guests

Maximum Online: 150

Forums:

Groups: 2

Forums: 7

Topics: 1249

Posts: 5659

Members:

There are 1261 members

There are 1 guests


Kevin has made 2503 posts

Top Posters:

metal450 - 178

Ragnar - 108

YikYak - 70

whiteorb - 49

Daisy - 35

Administrator: Kevin | Moderators: Kevin