| User | Post |
|
4:37 am
July 13, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
Hi Kevin,
I am working on a WP-based website that has only two users: the admin (myself) and the owner. What I want is to create a set of pages which the owner can edit to set the content. However, I'm looking for a way to prevent the owner from creating new pages himself.
Besides this main behaviour, the owner must be able to fully 'moderate' (create / edit / delete) all posts and manage comments. All other capabilities (editing blog options, managing categories, etc.) should be saved for the admin.
Looking for a way to achieve this, I stumbled upon your rich plugin, but, as you may guess, I can't figure out how to accomplish my goal.
I'm really hoping you can guide me in this.
Thanks a lot in advance!
|
|
|
11:50 pm
July 15, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
You could do it as follows:
- In the WP Admin -> Users, give the "client" user a WP Role of Author
- For each page you create, use the "Editors" tab in Page Edit form to assign that role to "client"
That should fulfill all the requirements you state above, assuming the WP Roles haven't had their WP capabilities shuffled by Role Manager.
In the future, if another User account is needed, you could give "client" a Role Scoper Blog Role of Post Editor. Then they could edit other user's posts, but still lack any page creation abilities.
|
|
|
6:24 am
July 16, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
Thanks for the reply! But it doesn't work as I expected yet. The whole thing seems kind of 'unstable', because sometimes things work and sometimes they don't.
1. Sometimes, when the Author role is assigned, the client user is able to create pages even though it shouldn't. Sometimes it works like it's supposed to: the client user can only create new posts.
2. When I select the Editors tab in Page Edit, there are two new tabs: “Groups” and “Users”. Which one should I select here? I guessed “Users”, because I have to select the client user and set him as an editor. But, *most* of the times, the client user is not listed under “Users”, only the admin. That is, there were a few occurrences when the client user *did* appear, but then the client user could automatically create pages as well…
I must admit that I'm doubtful on which WP version to use at the moment. First of all, my client is Dutch so I prefer to use a Dutch language pack for WP. The latest Dutch version of WP is 2.5. I upgraded this version to 2.5.1 and everything seemed to remain stable. However, version 2.6 was just released so I thought that'd be worth the update. Unfortunately a lot of the translated parts went back to English after the update. So I guess at this point my best (Dutch) option is WP 2.5.1.
The thing here is that I switched a few times between versions (each times creating a new install) to test out your plugin and a different WP version. So is there a specific WP version of which you know has the least 'problems' or inconsistencies with Role Scoper?
Any other hints on how to achieve my goal?
Thanks again!
|
|
|
10:22 am
July 16, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
AmiKaze said:
Thanks for the reply! But it doesn't work as I expected yet. The whole thing seems kind of 'unstable', because sometimes things work and sometimes they don't.
1. Sometimes, when the Author role is assigned, the client user is able to create pages even though it shouldn't. Sometimes it works like it's supposed to: the client user can only create new posts.
I suspect that what you're seeing here is not an instability, but a consistently annoying bug related to menu navigation. I think RS & WP may share the blame for this one, but I'll come up with a fix/workaround in the next beta revision.
- Enter WP Admin or click on Dashboard
- Click WP Admin -> Write
- Observe that only “Write Post” is available, and WP loaded it by default when you clicked the "Write" link.
- Click WP Admin -> Manage -> Manage Pages
- Click WP Admin -> Write
- Observe that although only “Write Post” is available, WP helpfully loaded “Write Page” by default because you were previously in “Manage Pages”
- Notice that the user can indeed create pages (incorrect), but can't publish them (correct).
Can you confirm that this is a repeatable bug that is sufferable pending my fix?
If you're thinking “but those users should'nt be able to get into page-new.php with by direct URL either”, that's also a valid point. I'll also work on preventing that. Please understand that this control issue, like many others related to WP admin/editing roles, has to overcome some limitations in ready-made WordPress hooks. The filtering is doable but not entirely straightforward and definitely not automatic. Although I've worked very hard to make it seamless, these are still beta days. As you have found, there will be some scenarios where the access control or menu/form presentation is not quite right. The last couple months have shown that when users like you report unexpected behavior, I'm able and willing to explain and/or fix it rather quickly. I greatly appreciate this feedback from you and others and hope we can keep cooperating to make this software as reliable and useable as possible.
|
|
|
10:43 am
July 16, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
AmiKaze said:
2. When I select the Editors tab in Page Edit, there are two new tabs: “Groups” and “Users”. Which one should I select here? I guessed “Users”, because I have to select the client user and set him as an editor. But, *most* of the times, the client user is not listed under “Users”, only the admin. That is, there were a few occurrences when the client user *did* appear, but then the client user could automatically create pages as well…
So is there a specific WP version of which you know has the least 'problems' or inconsistencies with Role Scoper?
Any other hints on how to achieve my goal?
Sorry, I omitted a step in the directions. Since your "client" user cannot generally edit pages at all, Role Scoper by default omits them from the available page Editors list. This is by design, because if a site has lots of low-capability users, it could be annoying to always wade through them for editing role assignments. To force "client" and other users to be included as available page Editors, do the following:
- Go to WP Admin -> Roles
- Scroll down to the Role Assignment Interface section
- Uncheck "Limit eligible users for page-specific editing roles"
- Click the Update button
As for other cases when "client" did appear as an eligible user… are you sure that wasn't in the "Readers" tab, or in the Edit Post form? Remember, WP was helpfully defaulting to "Write Page", but if you click on "Write" again, you would be taken to "Write Post".
I am not aware of any version-related problems with WP 2.6, but will test it more thoroughly this week. I will be more confident in Role Scoper's WP 2.6 compatability after this next round of testing and debugging. But that also brings me to advice for achieving your goal. Remember that you are part of the solution. If Role Scoper doesn't behave as expected, take some time to experiment and prove to yourself when it works right and when it doesn't. Once you have it down to a list of steps, post them here. I'll take your report seriously and chances are it will improve the plugin, the documentation, or both.
|
|
|
1:06 pm
July 16, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
Thank you very much for the clear and informative answer(s). I will play around a bit with different scenarios and post my findings here.
|
|
|
4:33 pm
July 16, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
I did some testing with the two WP versions I currently use, WP 2.5 with the Dutch language pack and WP 2.6 with the default English language. Fortunately (for you  ) the result is almost identical. However, I'm afraid I didn't get the result I was hoping for.
I used the following scenario in both versions and it confirms the notes you made in the two replies above:
- Fresh install (+ changed the admin password)
- Activate Role Scoper Plugin
- Uncheck 'Limit eligible users for page-specific editing roles' under Roles
- Add new user ('client') with WP 'Author' Role
- (still admin) Go to Manage -> Pages -> default 'About' page
- Check 'client' user in editors tab (+ save)
- Log out admin and log in as 'client'
- The Dashboard shows 'Write a New Page' AND 'Write a New Post' (incorrect)
- 'Write' only shows 'Post' (correct)
- 'Manage' shows 'Posts' AND 'Pages' (correct)
- The 'About' page text can be altered (obviously), BUT when trying to save an error pops up: “You are not allowed to edit pages as this user.” (incorrect)
- When clicking 'Manage' -> 'Pages' and then 'Write' it shows 'Write Page', BUT when trying to save it with 'Published' selected, the page is saved 'Unpublished', or 'Submitted for review'. (correct)
Well, the biggest 'problem' (for me) here is, as you may guess, that the 'client' user doesn't have the rights to save the published page created by the admin (step 11). I hope you know of a fix for this too. All steps felt logical and the 'Role Assignment Interface' option is clear now.
Now, on to the differences between version 2.5 NL and 2.6 EN. I only noticed different behaviour in version 2.6.
- At step 6 AND step 12 I got a PHP Warning when saving: Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\wordpress-2.6\wp-content\plugins\role-scoper\admin\filters-admin_rs.php:536) in C:\xampp\htdocs\wordpress-2.6\wp-includes\pluggable.php on line 770. Those errors were exactly the same in both steps. It might be related to the install of XAMPP I'm running? Here's a screenshot of the page (sorry it's so small): http://dump.amikaze.net/rs_error.jpg. The pages did save though, I checked by reloading the page.
- At step 11 when I got to magaging the 'About' page, a WP Warning showed at the top of the page: “Warning: admin is currently editing this page”. But I don't think that caused any problems.
- Minor graphical difference: when editing a Page, version 2.6 shows the Role Scoper tabs (Readers, Contributors, etc.) at the top. Version 2.5 shows them a bit lower in between the other options.
That's about it for now.
I really appreciate your work on this plugin and your kind replies. I can't imagine how much work you put in creating and updating the plugin. I have created websites with simple CMSs myself so I know how much time goes into it, so it would be great if WordPress + plugins could replace a custom built CMS/blog.
I hope to hear from you soon!
|
|
|
8:01 pm
July 16, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
Wow, thanks for the detailed feedback. A couple bug fixes already, and I haven't even made it halfway through your post! 
You can correct the “cannot save a page as this user” error as follows. In plugins/role-scoper/admin/filters-admin.php:
change
if ( empty( $this->scoper->generate_id_caps ) ) {
$this->scoper->generate_id_caps = array('moderate_comments', 'manage_categories', 'edit_published_posts', 'edit_published_pages', 'edit_others_posts', 'publish_posts', 'publish_pages');
to
if ( empty( $this->scoper->generate_id_caps ) ) {
$this->scoper->generate_id_caps = array('moderate_comments', 'manage_categories', 'edit_published_posts', 'edit_published_pages', 'edit_others_posts', 'edit_others_pages', 'publish_posts', 'publish_pages');
Notice the missing edit_others_pages cap. This array does not open any gaping holes. It just represents capabilities for which WordPress might impose a blanket capability requirement in a situation where the capability check should be post/page - specific. Role Scoper will try to determine the “missing” post_ID argument from HTTP POST variables, URI arguments, etc.
I will include this fix (as well as the Dashboard link filtering and possibly others pertaining to your above post) in the next Role Scoper revision.
|
|
|
9:59 pm
July 16, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
AmiKaze, I just e-mailed you a development copy that fixes all the bugs you cited above (and a few others). Others who send me such helpful bug reports might also receive this kind of service.
|
|
|
3:02 am
July 17, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
Kevin said:
AmiKaze, I just e-mailed you a development copy that fixes all the bugs you cited above (and a few others). Others who send me such helpful bug reports might also receive this kind of service.
Thanks, but I think I just deleted your last two e-mails by accident! 
I have the RSS feeds enabled for this topic and I blindly erased your e-mails thinking they were the same notifications as the feeds.
Could you please resend those mails? One had the attachment of the development copy and IIRC the other started with something like "By the way, version 2.6…"
And of course I'm glad to be of help. Role Scoper does have a much larger scope than any other similar plugins I've seen. I'll let you know my new experiences with the development copy.
|
|
|
11:58 am
July 17, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
I got your e-mails, thanks a lot.
I am now able to save the managed page as the client user, which is great! That was exactly why I came here. I tested it with WP version 2.6 and Role Scoper version 0.9.20-dev.
I did however get (almost) exactly the same PHP Warning at the same spots. First, when adding the client as an editor in Page Edit mode. The second time when saving the managed page as the client user. I guess you edited the filters-admin_rs.php file, judging from the first line number . Here's the Warning: Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\wordpress\wp-content\plugins\role-scoper\admin\filters-admin_rs.php:543) in C:\xampp\htdocs\wordpress\wp-includes\pluggable.php on line 770. That would be worth looking into as well.
I just quickly tested with WP 2.5 Dutch and it works perfectly! So my next step will be to experiment some more with it and then decide whether or not to use it for a new project.
Thank you so much for providing me with a great solution to my problem!
EDIT: By the way, I originally posted my question on the WP support forum. My username there is 'piranhahotella'.
|
|
|
3:16 am
July 22, 2008
|
Kevin
Admin
| | | |
|
| posts 1326 |
|
|
You're welcome; thanks for your feedback and cooperation.
That PHP warning was fixed in a recent release.
|
|
|
4:59 am
July 22, 2008
|
AmiKaze
Member
| | | |
|
| posts 8 |
|
|
Kevin said:
You're welcome; thanks for your feedback and cooperation.
That PHP warning was fixed in a recent release.
I see you've fixed and added a lot between version .19 and .23, I'll look into it a bit more.
Thanks again!
|
|
Login
Register
Search 
Forums
Topic RSS 