Introducing Role Scoper for WordPress
Intro to WordPress Roles · Role Scoper Description · Acknowledgements · Download · Usage Guide · News
WordPress: Capabilities, Roles and Wish Lists Whenever you access a WordPress site, the software considers what you are trying to do: read a post, edit a page, manage categories. Most sites allow you to read posts and pages without logging in. Any other operation you may request is permitted only if your user definition (as identified by login name and password) includes a corresponding capability.
For administrative convenience, WordPress bundles capabilities into collections called roles. By default, these roles are:
Subscriber:
- read published posts and pages
Contributor:
- all Subscriber capabilities
- contribute a post (for review by editor), and edit it before publication
Author:
- all Contributor capabilities
- contribute a post, publish/unpublish/edit it, and moderate its comments
Editor:
- all Author capabilities
- contribute/publish/unpublish/edit any user’s post
- contribute or edit any page
- manage all categories and moderate any comment
- read posts and pages which are marked “private”
Administrator:
- all Editor capabilities
- define users and assign them roles
- configure all site options
This role configuration works well for WordPress’ conventional application as a single-user blog. But what if you want someone to contribute their own pages without editing other’s post or pages? Or maybe some users should edit other’s posts without being able to edit pages at all. The current solution is to use an existing plugin like Role Manager to either redefine “Editor”, or create a cloned “Special Editor” role, moving existing Editors to it as needed. As plugins come on board with additional capabilities, the role permutations increase. This one-role-per-user paradigm makes for simple source code and queries, but as a site shifts from single-user blog to multi-user CMS, role creation / editing is inconvenient for both developer and site administrator.
If you manage to successfully define and assign custom roles for your WordPress CMS, soon you will wonder how to grant reading or editing capabilities for multiple subsets of posts or pages. On your WordPress-powered high school news site, how can you enable someone to post only to the “Sports” category? On your corporate intranet site, can you conveniently enable members of HR to edit existing and future personnel policy pages (but not the engineering best practices pages)? Can you enable someone to create a new page, but specify a subset of “parent” pages it can be linked to? Can all these content-specific roles be administered on a sectional basis, or must someone edit/administer the whole site or nothing?
By default, WordPress doesn’t have a good answer to those CMS dreams, regardless of any custom roles you may define.
Some past and current WordPress plugins (Limit Categories, Category Visibility, Post Levels, Restrict Pages, Disclose Secret, WP-Group-Restriction) have dealt with pieces of this permissions puzzle. Using them, I appreciated a multitude of useful features. Yet as I tried and tried again to combine and configure this plugin assortment to meet all my WordPress CMS aspirations, there was always a missing piece. Enter Role Scoper Role Scoper is a comprehensive enrichment for capability enforcement and administration in WordPress. Assign reading, editing or administration roles to users or groups on a page-specific, category-specific or other content-specific basis.
Role Selection Boxes in Edit Post / Page Form (note: for basic usage, this is all you need to deal with):
screen shot: Role Assignment Tabs in Edit Post
screen shot: Role Assignment Tabs in Edit Page
Optionally, define User Groups for subsequent Role Assignment:
screen shot: Edit User Group
Each User’s WordPress role is honored by default, but can be:
- supplemented with content-specific role assignments
- disregarded if the role is restricted for the requested content
screen shot: Scoped Roles in User Profile
Set Category Restrictions to block reading/editing access for users who have a specified WordPress role but no corresponding Role Scoper role (note, post/page restrictions also available):
Assign Category Roles to expand reading or editing access:
^ click to examine Category Roles User Interface (sample html)
Scoped role restrictions and assignments are reflected in every aspect of the WordPress interface, from front end content and navigation to administrative post and comment totals.
Additional features:
- Propagation of Roles or Restrictions to subcategories / child pages
- Default Restrictions, Default Roles and Default Groups automate admin tasks
- Hidden Content Teaser: choose whether unreadable front-end content is hidden or replaced with a customizable teaser
- Role Administration Aides: Post/Page role assignment UI indicates where users have a role implicitly via WP role, category role or group membership. (Made possible by a new role storage schema and users_who_can function).
- Pending Revisions enable Contributors to edit a published post/page, with the change held for review by an administrator
- Internal File Cache limits Role Scoper’s database query overhead
- Attachment Filtering prevents direct file access to your uploaded images/documents if the user can’t view the containing post/page
- Plugin API allows other plugins to define their own data sources, taxonomies, capabilities and content-specific roles
- User Customization of Role Definitions (add or remove applicable capabilities for each content-specific role)
Although Role Scoper’s default configuration is ideal for most sites, its functionality and sphere of influence is highly customizable to match your usage.
^ click to examine Role Scoper Options User Interface (sample html)
Due to its abstract data model and API, Role Scoper can be extended to bring content-specific access control to other plugins which define and check WordPress capabilities. The resulting plugin-specific roles will supplement any other assigned roles; there is no need to merge all capabilities into an all-inclusive role.
Role Scoper is currently a public beta release. All intended features are present and currently undergoing further testing prior to official release (and pending your feedback). This plugin is open source software released under the General Public License (GPL). Due to limitations, obligations and non-technical aspirations common to most human beings, I will probably never again donate unpaid plugin development on the scale Role Scoper has required. However, I do plan to provide some free support, correct bugs which emerge and revise the plugin for future WordPress versions. If it adds value to your website or saves you time and money, you can express appreciation in several ways:
- Download Role Scoper and try it out on your WP 2.5-2.7.x site (WP 2.2-2.3 version also available)
- Submit technical feedback, including improvement requests.
- Submit a case study, explaining how Role Scoper helps you do something excellent and praiseworthy.
- If the plugin has seriously broadened your CMS horizons,
- If you are a seasoned web developer, grant me your professional opinion on how this work stacks up and how I might best make a sustainable career of it.
- Hire or refer my services to design, redesign or enhance your site - quality care at reasonable rates.
Posted: May 15th, 2008 under News, Role Scoper, WordPress Plugins.
Comments: 218
Comments
Time: May 23, 2008, 4:34 pm
[...] Role Scoper Plugin for Wordpress | Agapetry (tags: auteurs gebruikers roltoekennen wordpress) bewaar bij: [...]
Time: May 30, 2008, 3:48 pm
I got that: "Your attempt to edit this post: "XXXXXX" has failed." - Thanks for your work making this plugin. - Chris Masse
Time: May 30, 2008, 4:16 pm
Chris,
Since that error doesn't happen for every post edit attempt, can you say a little more about the configuration and steps that led to it?
Was this a new or existing post? Private, published or draft? Were you logged in as admin? If not, what WP blog role did the logged user have? Did any of the stored or selected post categories have role(s) marked as exclusive? If so did the logged user have any of those section role(s) assigned? Did the post have any roles marked exclusive? Any object role assignments for the logged user?
Time: May 31, 2008, 2:51 am
I did just enable the plugin without parametering it. - That error was not shown to me (the admin) but to one of my co-author. - It was a draft. He was an author. As I said, the plugin was enabled but I did touch the options. - Thanks Chris Masse
Time: May 31, 2008, 9:38 am
Thanks, Chris, for this bug report.
I have reproduced the error and am working on a fix.
Time: June 1, 2008, 3:53 am
thanks for the amazing plugin. I was looking for this.I am in the process of developing a new wordpress plugin for my site.This will help in my venture.Thanks a lot..
Time: June 4, 2008, 5:16 pm
thanks very useful plugin
Time: June 14, 2008, 4:44 pm
Amazing work. Thanks a lot!
Time: June 16, 2008, 9:05 am
Awesome plugin…
but let's say that I want to give to all the users who have the 'Author' role the ability to edit one and only one specific page, and no access to write/edit posts, links, category, etc…
How can I achieve this result with your plugin?
Time: June 19, 2008, 3:42 pm
Holey Moley. This looks just like what I have been looking for! Here's something for your FAQ. Does this replace functionality of the Role Manager plugin? http://www.im-web-gefunden.de/wordpress-plugins/role-manager/
Time: June 19, 2008, 4:54 pm
I was receiving an error (unexpected endif statement on line 239 in admin/groups.php) whenever I tried to access the Groups page. The error was caused by a missing closing brace for the IF statement on line 175. I solved it by replacing the opening brace with a ":", and then adding "endif;" on line 192.
Time: June 19, 2008, 5:19 pm
To correct my previous comment: the error wasn't caused by a missing brace (it is there, with an accompanying comment, on line 233), but by the fact that line 232 started with a short-style PHP tag. Having the support for short-style PHP tags turned off, I was receiving the error above. The fix was, simply, to use the standard PHP tag ("<?php" instead of "<?").
Time: June 19, 2008, 5:30 pm
Damiano,
I wonder if you have a bad download. My copy of groups.php does have a closing brace for that IF statement. In fact, the closing brace on line 233 is followed by a comment matching it to the if statement you mention.
I'm glad you were able to work around that error, but modifying groups.php as you describe creates an error for me. If it still looks like that workaround is necessary on your installation, please mail me a copy of your file so I can look into it further.
Time: June 19, 2008, 5:33 pm
Okay, I just saw Damiano's last comment and have replaced the php short tag with a proper "<?php" for the next revision.
Thanks for catching that.
Time: June 19, 2008, 6:17 pm
Joe,
Thanks for that jovial introduction. Your excited discovery reminds me of why I undertook this project in the first place.
The Role Manager question does now qualify as an FAQ, and I plan to put together such a document soon. Until then, the following is a short answer (longer explanation here):
Role Scoper will coexist with Role Manager by * defining additional, supplemental roles (including blog-wide) * filtering the application of "regular" WP blog roles for certain content
I chose not to go all the way and provide WP blog role definition and assignment because I don't know where the WP core role storage schema is headed and prefer to treat it as a black box at this point.
Time: June 20, 2008, 1:25 am
Stefano,
You can do that (enable Authors to edit one page and nothing else) as follows:
* Install the Role Manager plugin and use it to remove the "edit_posts" capability from the Author role. Can also remove all other caps except "read" if you want.
* While logged in as admin and with Role Scoper activated, edit the page you want Authors to edit.
* Expand the "Editor" dialog. Click on "Groups" and select "[WP Author]"
* Save the page
Prior to the new revision, these authors could still get into the "Write Post" / "Write Page", but could not save anything as published. Now they won't even see the "Write" menu link.
Time: June 20, 2008, 5:13 am
Kevin, thanks for your help… I will try it 
Stefano
Time: June 26, 2008, 11:43 pm
This looks like a great plugin, exactly what I needed!
I understand how to do what you told Stefano to do, but I want to also allow users in a certain group to add new pages, but force them to make the parent page one of the other pages that they own. Your writeup says that that should be possible, but I can't see how to do it. If I enable publish pages for the role, then they can publish pages anywhere, but if I don't they can't publish pages anywhere.
Time: June 27, 2008, 3:04 pm
I looked into this and found some bugs preventing it from working the way you expected. New version download and full description here.
You should have Role Manager remove the publish_pages cap for your users' WP Role, then follow the instructions in the link above.
Time: June 29, 2008, 7:12 pm
WOW! I'm impressed and excited….this is EXACTLY what I need!! I've got it running, now I just have to figure out how to use it….THANKS SO MUCH!!!!
Time: June 30, 2008, 12:54 pm
The plugin is excellent. Thanks for doing this!
Quick question: what's the best way to redirect a user without access? Right now, when someone tries to access a protected page, Wordpress spits out the 404 page. I'd like to redirect to something more useful. Can this be done within Role Scoper or is this a Wordpress hack?
Time: July 1, 2008, 3:51 am
Zack, if your concern is only for a specific site, I would look into a theme hack. You should be able to add some code the 404.php which gets the requested page ID, checks for its existence with something like
if ( $post_exists = $wpdb->get_var("SELECT ID FROM $wpdb->posts WHERE ID = $requested_id" )
echo 'Sorry, you do not have permission to view this page';
else
echo 'Normal 404 message';
Since Role Scoper is running interference farther upstream at the DB query construction, I'm not sure I want to take any more error messaging than what is already available with the teaser option.
Time: July 8, 2008, 9:00 am
[...] that I couldn't wait for Disclose-Secret to catch up, and have converted over to using Role-Scoper. As far as I can tell, Role-Scoper does absolutely everything that Disclose-Secret did, and with so [...]
Time: July 8, 2008, 5:00 pm
[...] Role Scoper [...]
Time: July 8, 2008, 5:18 pm
[...] Role Scoper [...]
Time: July 8, 2008, 5:19 pm
[...] Role Scoper [...]
Time: July 9, 2008, 12:32 pm
Role Scoper…
Role Scoper is a comprehensive drop-in replacement for capability enforcement and administration in WordPress. Assign reading, editing or administration roles to users or groups on a page-specific, category-specific or other content-specific basis….
Time: July 9, 2008, 2:21 pm
[...] Role Scoper [...]
Time: July 10, 2008, 10:16 am
Thanks for a very comprehensive addition to the permission and role system. The documentation is quite involved and I simple want to ask this question: Can I make some category(s) accessible to registered users (subscribers) and admins only?
TIA.
Time: July 10, 2008, 10:49 am
Sure.
Define Exclusive Categories
- Go to WP admin >Roles > Exclusive Sections
- For each category of concern, click the "Post Reader" and "Private Post Reader" checkbox
- click the Update button
Assign Category Roles
- Go to Groups > Section Roles
- Select WP Role group(s) to assign category roles to
- For each category this user group gets, click the "Post Reader" and/or "Private Post Reader" checkbox
- click the Update button
- repeat for each set of category roles
Note that if category role assignments need to be more customized, you can repeat the above process for individual users via Roles > Section Roles. Or define user groups (Groups > Groups) and repeat the above process, selecting your custom group instead of WP Role group. Later you can add or remove visibility of individual posts via the Post Edit interface if you need to.
Finally, keep in mind that all the above instructions also apply to the creating, editing and publishing of posts if you designate editing roles for Exclusive Sections and for Section Role assignment.
Time: July 10, 2008, 11:41 am
[...] ist das Plugin Role Scoper noch im Beta Stadium, doch es vereinfacht das Anlegen von Berechtigungen und Userrollen, Gruppen [...]
Time: July 11, 2008, 1:11 am
[...] Description, screenshots and download on [...]
Time: July 11, 2008, 8:56 am
I've just installed the plugin and got the following error: Parse error: syntax error, unexpected T_ENDIF in C:\websites\shakey1\wp-content\plugins\role-scoper\admin\groups.php on line 238
reading the above comments I noticed line 231 started with <? - when this was changed to <?php - the error went away….
Time: July 11, 2008, 9:13 am
also exclusive_sections.php has a problem caused by a similar error which seems fixed by replacing <? with <?php on line 267 and line 312. This is using apache on XP.
Time: July 11, 2008, 9:14 am
also using apache on X, exclusive_sections.php has a problem caused by a similar error which seems fixed by replacing <? with <?php on line 267 and line 312.
Time: July 11, 2008, 9:15 am
that should be on XP (windows) , not X
Time: July 11, 2008, 2:32 pm
[...] Role Scoper Plugin for Wordpress (tags: roles plugin wordpress) [...]
Time: July 14, 2008, 6:43 am
Life saving plugin Kevin. It's just what I was looking for to make one of my sites work the way I wanted. Thanks for you time and effort - just sent a donation. Take care.
Time: July 14, 2008, 6:45 am
Forgot to mention - the documentation would be more understandable with some examples - you have some examples as a start in your comments above . . . .
Time: July 14, 2008, 11:43 am
[...] Role Scoper [...]
Time: July 15, 2008, 12:40 pm
Hi Kevin, This looks like a great plugin and I have been looking for something like this - only I am getting a 500 Internal Server Error when I try to activate the Plugin. I had Role Manager installed but deactivated it before attempting to activate yours — any ideas why I get this error?
Keep it up, Robert
Time: July 16, 2008, 1:30 am
[...] Role Scoper [...]
Time: July 16, 2008, 2:14 am
Robert,
I haven't seen or heard Role Scoper cause that kind of error, and don't have any initial guesses how it would.
Can you possibly e-mail me a copy of your php error log and (if it's not confidential) .htaccess file?
Time: July 16, 2008, 3:43 am
Thank you, Clive, for the donation. It's encouraging.
The Role Scoper Usage Guide now includes a How To section with some step-by-step instructions. To be expanded to cover editing roles and other topics…
Time: July 16, 2008, 3:31 pm
I am also getting a 500 internal error when i activate the plugin…
Time: July 16, 2008, 3:53 pm
Hey Kevin, thanks for this wonderful plugin! I upgraded to WordPress 2.6 today and seem to be having an error when saving pages and posts. When I click save, the page shows all the Role Scoper options without styling and has
"Warning: Cannot modify header information - headers already sent by (output started at /home/ascensio/public_html/wordpress/wp-content/plugins/role-scoper/admin/filters-admin_rs.php:536) in /home/ascensio/public_html/wordpress/wp-includes/pluggable.php on line 770″
at the bottom. The page did save, but that still happens everytime.
Time: July 16, 2008, 4:02 pm
Thanks, Mike, for that report. I'll look into it soon and contact you if I can't reproduce on my installation.
Time: July 16, 2008, 4:58 pm
Any WP 2.6 users who want to eliminate this annoyance prior to the next Role Scoper revision can edit plugins/role-scoper/admin/filters-admin_rs.php as follows:
Change
function flt_theme_root($path) {
if ( awp_ver('2.5') ) {
to
function flt_theme_root($path) {
if ( awp_ver('2.5') && empty($_POST) ) {
Time: July 16, 2008, 5:03 pm
It does only occur with pages, not posts.
Time: July 16, 2008, 8:36 pm
Kevin, thanks for the offer, but I managed to work around the 500 error. I still don't know where it came from but after a fresh install of WP, and Role Scoper being the first plugin to activate, it works like a charm.
On the old installation, I have been experimenting with another role managing plugin and WP Members, maybe they messed up the database so that even after they were deactivated, Role Scoper ran into some problems.
Thanks again, great work! Keep it up Robert
Time: July 18, 2008, 4:48 pm
Hi,
Firstly I would like to say - great plug-in! - really well conceived design approach - its rare to find software developers taking a 'proper' and 'usable' view of access control features; but you certainly seem to have.
i think that this app, together with the user roles and capabilities plug-in role_manager should be incorporated into WP Core - its that important for a bona fide cms.
One slight bug I've found so far:
Upon logging on as Admin and Creating/Editing a new Page and assigning 'Readers', 'Groups' , [WP Subscribers], and then Saving, then I get presented with an 'un-styled' view of the same admin page, plus the following mesage at the bottom of the page:
'Warning: Cannot modify header information - headers already sent by (output started at /home/fhlinux171/s/systemcore-epublishing.co.uk/user/htdocs/wordpress/ wp-content/plugins/role-scoper/admin/filters-admin_rs.php:675) in /home/fhlinux171/s/systemcore-epublishing.co.uk/user/htdocs/wordpress/ wp-includes/pluggable.php on line 770′
I haven't tested thoroughly yet, nor traced it, but it looks like a fairly simple bug to fix.
Any thoughts?
Time: July 20, 2008, 8:55 pm
Rob, Check three comments above yours.
- -
I noticed a new problem with 2.6. I cannot edit groups, edit members, or click the name within object role assignments without forcing a login screen that won't process the login - it just keeps refreshing. Is this being experienced by anyone but me?
Love the job you've done kevin.
Time: July 20, 2008, 10:33 pm
I found out the problem. All of the links I mentioned (as well as the submit buttons) all reference domain.com//wp-admin… so it's adding a double slash instead of a single one.
Time: July 20, 2008, 10:37 pm
Sorry, again for another post. I noticed you made updates today. You rock!!!
Time: July 22, 2008, 12:28 am
[...] Role Scoper,提供一个快速、详细的用户权限分配界面。 WordPress的用户权限管理部分从来都是模糊不清和配置困难,本插件提供一个更加明确的权限配置界面,支持对多个用于应用规则。这个插件很适合共笔的Blog。 [...]
Time: July 22, 2008, 10:50 pm
Rob, that bug that caused the funky styling and PHP warning on page save is fixed now.
Time: July 23, 2008, 1:03 pm
I am having some issue setting this up properly.
I have a site with many pages and several categories.
I want to add an author, but only give him access in the control panel to publish to a subcaategory.
I thought i had set it up properly, but when I tested it, the control panel showed all categories and let me publish to any of them I liked.
How do I go about setting this up properly?
Excellent plugin by the way.
Time: July 24, 2008, 6:52 pm
Darrell,
I just answered this question in a forum post.
You should also check the release notes for 0.9.27.
Time: July 26, 2008, 1:46 pm
I would like to restrict certain users from being able to select a page template when they post. It would be great if those specific page templates did not even show when they created a page, but would show the permitted ones. Is this something that this plugin could be modified to handle? Thanks, Ed
Time: July 28, 2008, 12:22 am
Kevin - I have a usage question. Before I get excited - could you please tell me if I can use this plugin to control a wp website based on Pages only (not blogs) to allow or restrict viewing/access of menu options(Pages) or page content based on a login via a membership plugin like amember, where each member is tied to one of the roles in wp and each page is designated an access level tied to roles? Please say yes! I am using wpremix2 themes and have hidepost and rolemanager activated - but am searching for a solution and this may be it. These are users not wp content contributors so it just is to read pages and access links and content on those pages.
Thanks - Arnold
Time: July 28, 2008, 4:05 am
Hi Kevin - I am on WP 2.6. I installed role scoper and I see under Write, Post, Advanced Options - Readers, Contributors, and Editors - but in Write, Page, I do not see these under Advanced Options, but rather under the Select Template under the WP Remix 2 Add Template File category just above the Advanced Options. So for some reason there is a code conflict - http://www.wpremix.com — it shows Readers, Contributors, Editors, and Associates.
Thanks - this plug in looks really cool - but this situation is stopping the use of it. I reported this situation on the WPRemix Theme forum also - but stated that your plugin is powerful and can extend his powerful Theme system by a lot if I think I what I see is so. But I could not try it because of the conflict.
Thanks
Time: July 28, 2008, 1:31 pm
[...] to the Role Scoper plugin here, the download link is on the page. Role Scoper is a plugin that enables and enhances the [...]
Time: July 28, 2008, 1:34 pm
[...] to the Role Scoper plugin here, the download link is on the page. Role Scoper is a plugin that enables and enhances the [...]
Time: July 28, 2008, 5:46 pm
Arnold,
The conflict stems from the absence in the WP core of a hook (dbx_page_advanced) for inserting custom entries under "Advanced Options". It was present through WP 2.3, then dropped and I haven't taken up the cause with the WP core team yet. Instead I make use of another hook (theme_root) which normally fires at the desired time. Apparantly WP Remix makes it fire earlier.
I have a workaround in mind, but since WP Remix is a paid product and I don't have a copy, please let me know if this works. In plugins/role-scoper/admin/filters-admin_rs.php, replace function flt_theme_root with the following: [code snippet removed; fix is included in updated Role Scoper releases]
Time: July 28, 2008, 8:31 pm
Hi, Great plugin, thank you.
I have one question: I would like to use your plugin to restrict some categories to some groups of users. If some one logs in he should see all unrestriced posts/categories plus his own. It works fine. But where user is not logged in as any role he can see all, and I want to hide some groups for him.
Is it possible?
Thanks, Mariusz
Time: July 28, 2008, 9:02 pm
Thank Kevin - I was making the change and then tried to launch WP then I got a 500-internal-server error — so I am trying to recover and get WP to work so I can test this code. I will let you know as soon as I am back up again. Maybe the .htaccess file got corrupted? Not sure yet.
Time: July 28, 2008, 9:12 pm
nope - can't even find a .htaccess file — still searching - sorry i really wanted to test that right away.
Time: July 28, 2008, 9:14 pm
Mariusz,
Yes, you can limit read access by category. I describe that in the Usage Guide.
Time: July 29, 2008, 8:56 am
Okay, thanks to Arnold's cooperation I tracked down the WP Remix conflict. This was my fault for not noticing the do_meta_boxes action introduced in WP 2.5
In plugins/role-scoper/admin/filters-admin, change:
[code snippets removed; fix is included in updated Role Scoper releases]
Time: July 29, 2008, 9:45 am
Kevin - - that shows correctly now for Pages! Thanks for your quick response in fixing this situation. I am excited to use your comprehensive plugin.
Time: July 30, 2008, 4:59 am
Hi Kevin,
I managed to set up categories and roles for them. Now when I log in as 'footballer' I can see only his categories. But when I'm not logged in I can see all categories and I should see none. Is it possible to do?
Time: July 30, 2008, 5:11 am
To avoid unlogged users seeing all I set posts to private. But role 'teacher' can see private posts of 'footballers' even If in setup he should see only his category.
And when post are private and I set 'footballers' to see them, their category is not listed on the side bar. Am I doing something wrong or plugin doesn't have capabilities I need?
Time: August 1, 2008, 12:21 am
Kevin - trying to understand how to control granting or denying access to a page and page content without putting each member/user in the WordPress user list. Is there are way to just use the role user level value linked to my member in my membership database?
Time: August 1, 2008, 10:14 am
@Mariusz - did you set Exclusive Section Roles for those categories?
Time: August 1, 2008, 10:22 am
@Arnold - I'm not sure what you mean by role user level. Is that something aMember introduces - maybe using the deprecated WordPress numeric user level which preceded the roles system? I'm going to look into aMember today or Monday.
Time: August 4, 2008, 5:34 pm
Dear Kevin!
Thank you so much for your effort and this wonderful plugin!! 
I've been using the Disclose Secrets plugin for a while, but since it has not been updated for a long time and I wanted to update my WordPress, I'm now using yours. It was quite a piece of work to edit all the old entries but it's worth it. I could not blog without your plugin because I just want certain people to read private things. Honestly, I don't know why a feature like this still isn't part of the WP core?!
Please keep up the good work!
I have also a question: Is it possible to turn off the text in the user's profile that shows to himself in which groups he is a member and the list of posts he can read because of that? The list can become quite big and I don't want the users to see to which group they belong to. I don't want anyone to get offended by recognizing that he cannot read the super confidential things.
Greetings from Germany!
Time: August 4, 2008, 8:41 pm
Jessica,
Glad to hear it's working well for you. Thanks for the encouraging words; I do enjoy all the overseas acquaintances Role Scoper has brought me.
There is currently no option available to hide that info. However, you can force it by editing admin/filters-admin_rs.php as follows:
add the following code to the top of the functions ui_user_groups and ui_user_roles, just after the opening {
if ( strpos( $_SERVER["REQUEST_URI"], "profile.php") && ! is_administrator_rs() ) return;
Time: August 5, 2008, 5:12 pm
Hello Kevin!
Thanks for your quick reply!
It works! Thank you so much.
Time: August 8, 2008, 11:14 am
[...] Role Scoper lets you define roles and groups to manage privileges amongst several users This seems to be a very ambitious plugin that will seriously help multi user blogs. To be honest I didn't test it and gave a quick glance at the code, which looked clean and very well commented, but this is obviously not a plugin you can really judge in a few minutes. What I did like though, and hence this mini review despite my lack of insightful comments, is the explanations, their content and their tone. Very well put, clear, detailed but not overwhelming. Or maybe it's just that this plugin rang some bell in me? I'm pretty sure that this plugin will be something I'll remember and point to when I get questions about role managing. [...]
Time: August 18, 2008, 4:11 am
[...] Moving a line in ec_js.class.php:5 to place it in the class EC_JS(). Problem reported by Maida, whom I thank very much, for compatibility with the plugin Role Scoper. Solution provided by the author of Role Scoper. [...]
Time: August 20, 2008, 8:47 pm
[...] to write dirty patches, just throw some add_filters() in (hat tip to Kevin Behrens and his plugin Role Scoper for inspiring [...]
Time: August 25, 2008, 1:03 am
[...] Role Scoper Plugin for Wordpress | Agapetry WordPress: Capabilities, Roles and Wish Lists Whenever you access a WordPress site, the software considers what you are trying to do: read a post, edit a page, manage categories. Most sites allow you to read posts and pages without logging in. Any other operation you may request is permitted only if your user definition (as identified by login name and password) includes a corresponding capability. [...]
Time: August 25, 2008, 6:56 am
[...] the Role Scoper plugin, by Kevin Behrens. It’s still in development, but it offers the level of control my client is [...]
Time: September 5, 2008, 5:34 am
Hi Kevin!
I'm afraid I have to bother you with another question.
Since WP 2.6 I'm using the tagging system of WordPress itself instead of Simple tagging. By now, the tagcloud just displays the tags used in public posts, those of private posts are ignored even if I'm logged in.
I wonder if it is possible to make wp_tag_cloud / wp_generate_tag_cloud work with your plugin so that the tagcloud displays the tags of all posts the current user is allowed to see due to your plugin.
That would be pretty cool.
(Simple Tagging and Disclose Secrets for some reason just did that, but I do not want to switch back to one of those plugins.)
Greetings,
Jessica
Time: September 13, 2008, 9:26 pm
Amazing Plugin. Thanks for Sharing.
Time: September 17, 2008, 8:14 pm
Hi Kevin, thanks for your awesome plugin… it's sorely missing from WP.
I've run into a few snags with the plugin, not sure what is causing it.
I had it installed and working, and was clicking on some of the options for it, when it completely killed my site. Both backend and front went down.
I removed the role scoper folder from the plugins folder, and it came back ok. But everytime I add it back, it takes the site down.
I then went in and deleted all of the tables that were related to RS… and again the blog came back working.
However, as soon as I upload the RS folder and try and activate it, it crashes everything again. Looking at the values in the datasbase, it appears that there is data from the previous install in the new tables created when activating the plugin. How can that be? I dropped the tables!
The tables for this plugin are: wp_user2role2object_rs wp_user2group_rs wp_role_scope_rs wp_groups_rs
Are there any others or data put somewhere that I am missing? Help, I can't seem to get this functionality back up and working.
This is on 2.6.2 Can reproduce with any or none of the other plugins I'm using:
Cimy User Extra Fields Role Manager Page Category Plus
Time: September 18, 2008, 9:47 am
Todd,
Role Scoper also maintains a cache of the role settings in wp-content/cache. A corruption of that cache may or may not be the cause of your problem. For diagnostic purposes, please zip the cache folder and mail me a copy (I'll send you my address). Then to return to a clean slate, delete the contents of wp-content/cache.
I can't imagine any scenario where cached values would be reinstated in newly created db tables on plugin activation. Did only certain data/tables seem to be carried over, or pretty much everything?
Let me know if you can remember which options you set just before the site crashed.
Time: September 21, 2008, 12:27 pm
I have two WP blogs for myself, and have installed some for our clients. Simple to use, easy enough to modify, definitely a great product. Good Plugins!
Time: September 22, 2008, 12:55 am
It works! Thank you so much
Time: September 22, 2008, 2:42 pm
wow this plugin looks to be exactly what i want. i installed but i'll be honest i'm too scared to flicking switches and buttons incase i screw my blog up.
i have quite a simple user case scenario that i want to set up for just adding new authors and then setting what new authors (and therefore existing authors) can do.
is there anyone out there who can help me?
Time: September 22, 2008, 6:22 pm
You can disregard most of the Options and Realm settings, as the defaults will work well for most installations. Beyond that, please see the Usage Guide. I'm working an a revision with an improved administrative interface (more inline help, more intuitive menu and form layout, better bulk editing). Unless you have a question on a specific point that's not covered in the Guide, we're probably both better off having me focus on getting the friendlier version out.
Time: September 22, 2008, 9:25 pm
[...] Role Scoper [...]
Time: September 26, 2008, 1:41 pm
Todd Lambert just reported via e-mail that his installation is now working after dropping Role Scoper's tables again and re-installing.
Time: September 30, 2008, 12:59 am
[...] Dave's pick: Role Scoper Plugin [...]
Time: September 30, 2008, 11:55 pm
[...] Dave’s pick: Role Scoper Plugin [...]
Time: October 9, 2008, 11:42 am
Well, this module seems to solve a lot of problems for us. But I don't seem to get it exactly how I want it. For instance, using the author-group as a basis I want to restrict access to that group, only allowing it to post to one category.
I managed to do that, by first revoking rights, and then assign a Section Role of Post Author to "author".
But now it is not possible anymore for an author to edit their own posts. When I change the section role editor, it suddenly gets the right to edit ALL posts in that category (and when the user posts, he will post as "admin").
I want a mixture of those two situations (able to post and edit own posts).
What am I missing here?
Time: October 15, 2008, 11:42 pm
Great plugin. The detail is amazing. I am, however, having a problem. After install I am getting the following error:
Warning: in_array() [function.in-array]: Wrong datatype for second argument in /html/blog/wp-content/plugins/role-scoper/admin/admin-bulk_rs.php on line 49
Warning: in_array() [function.in-array]: Wrong datatype for second argument in /html/blog/wp-content/plugins/role-scoper/admin/admin-bulk_rs.php on line 51
Unfortunately this issue is severe enough that it is preventing my page restriction from working. Any ideas what this code be or is it likely some conflict on my end?
Time: October 22, 2008, 2:21 pm
[...] Role Scoper [...]
Time: October 29, 2008, 10:31 pm
If I have a series of pages for public consumption and members consumption but then a series of 5 additional pages for members only, does RS give me the ability to password the members only as a "section"? IOW, I'd like a Member's Only Log In as the parent and the 5 additional pages as the children to be displayed on the sidebar ONLY after the password is entered. The problem now is that the 5 child pages show up in the sidebar even though they're underneath the passworded parent.
Is this what RS does? I want to know before going through a lot of work for nothing, please.
Thanks.
Time: October 30, 2008, 4:52 pm
[...] after playing around in the last days a bit, it seems that my goals can be partially resolved using role scoper. well, not perfectly, but at least to some extend. (so there's still the need to write the [...]
Time: October 31, 2008, 12:14 pm
Hoib,
Role Scoper would allow you to hide a page (and its subpages if you so choose), displaying it only to users you specifiy. Menu links visibility follows page readability.
It does sound like there's one area where we're "not on the same page": RS Roles (in your case, to make a restricted post/page readable) are based on a user login/password, NOT a page-specific password.
Time: November 5, 2008, 1:33 am
Hello Kevin, Thanks for the great plugin, but I'm getting this error. "wp-content/plugins/role-scoper/hardway/cache-persistent.php on line 35″ I'm pretty new at all this. Any help would be greatly appreciate it. Thanks in advance. Puela
Time: November 7, 2008, 8:16 am
Hi, congrats and thanks for this excellent plugin.
I haven't tried it out fully yet (there's a lot to it), but i am pretty confident it should cover most future access control requirements i might come across.
question: should it work with wordpress mu?
i am aware that role_manager plugin http://www.im-web-gefunden.de/wordpress-plugins/role-manager/ isnt yet formally supported on mu, however i think i have the two 'sort of working' together in an mu environment - alongside a hacked version of the 'More-Privacy-Options' plugin - http://wpmudev.org/project/More-Privacy-Options.
i am interested in working with others to produce a stable solution based around this config. can you (or anyone else) offer any further advise/guidance/experience in this direction?
thanks again
Time: November 7, 2008, 6:59 pm
In very brief trials, I have found Role Scoper to function normally when installed for any individual blog on a mu site. You will have a separate Role Scoper configuration for each blog. However, all site users are available for role assignment without the need to register them on the specific blog.
Time: November 10, 2008, 5:09 am
Hi Kevin,
Amazing plugin - kudos to you!
Not sure if I am doing something wrong (or misunderstanding the use of the plugin), but I cannot get post specific restrictions to work. Category works great.
So, having no other restrictions set, I go to Restrictions > Posts and set a default Post reader restriction. If I then look at an individual post, I see Readers - restricted role in advanced options, but I can still see post in the blog when not logged in.
If I set a group (eg administrator) for that individual post, I see Readers (restricted role, 1 group), but post still visible when not logged in.
I have to set the individual post to 'Private' to hide it from not-logged in visitors, or set a category restriction.
Cheers Rob
Time: November 10, 2008, 5:59 am
(sorry, I posted comment before seeing the forum link)
Time: November 10, 2008, 6:14 am
[...] Similar plugins: Role Scoper [...]
Time: November 10, 2008, 11:54 am
[...] Similar plugins: Role Scoper [...]
Time: November 13, 2008, 8:18 am
[...] Similar plugins: Role Scoper [...]
Time: November 14, 2008, 11:46 pm
[...] Similar plugins: Role Scoper [...]
Time: November 15, 2008, 6:44 am
[...] are a lot of other great WordPress plugins out there that we use occasionally. Role-scoper, which I talked about here is one, as is StatPress Reloaded, which we use because some clients find [...]
Time: November 17, 2008, 8:55 am
Thanks for an excellent plugin Kevin!
I am still trying to find my way around the complexities of various roles and permissions and wondered if you could answer a quick question for me?
I have a post role called 'Private Post Readers' granting access to premium posts. I used the 'Hidden Content Teaser' window to add a suffixed (p) graphic to appear after Premium posts for anonymous users. However when I am logged out (ie: anonymous) and look at the recent posts list all the posts whether premium or not are marked with the (p) graphic.
Any idea what I am doing wrong?
Thanks again for the excellent plugin.
James
Time: November 17, 2008, 11:29 am
James,
By "recent posts list", do you mean a sidebar list or the main WP posts list?
What makes your posts premium or non-premium? Are some (or all?) set private by WP? Set as restricted (directly or via category / default restriction) by Role Scoper? Any of these would cause the hidden content teaser to jump in on the anon user.
Time: November 23, 2008, 9:11 pm
[...] to the Role Scoper plugin here, the download link is on the page. Role Scoper is a plugin that enables and enhances the [...]
Time: November 29, 2008, 3:01 am
[...] Similar plugins: Role Scoper [...]
Time: November 29, 2008, 3:01 am
[...] Similar plugins: Role Scoper [...]
Time: November 29, 2008, 11:46 am
Hoib,
Role Scoper would allow you to hide a page (and its subpages if you so choose), displaying it only to users you specifiy. Menu links visibility follows page readability.
It does sound like there’s one area where we’re “not on the same page”: RS Roles (in your case, to make a restricted post/page readable) are based on a user login/password, NOT a page-specific password.
OK, Kevin - I seem to have gotten off on the wrong foot with my understanding of WP as a whole and RS in particular. Just confirm for me please: In order to use RS, I have to have a system whereby the member has to actually log in - username/password - right? IOW, how's it going to know what role to assign if we don't tell it an identity? I was trying to keep it as simple as possible and not have to mess with administering usernames/passwords for members individually. I suppose I could give everyone a single username/password combo. Our members won't be doing a lot of posting of comments/editorials. Mostly info output only.
Just confirm for me please that I've correctly understood how "roles" get defined in WP…
Thank you.
Time: November 29, 2008, 1:14 pm
Hoib,
Yes, you've got it right. Both the WP roles/capabilities system and Role Scoper's extension of it are based on a username/password login.
Time: December 3, 2008, 5:38 am
[...] Похожие Плагины: Role Scoper [...]
Time: December 4, 2008, 7:09 am
[...] Role Scoper Plugin for Wordpress | Agapetry - [...]
Time: December 12, 2008, 7:35 pm
[...] Roles and their Capabilities. Also you can create new Roles and Capabilities." There is also Role Scoper to be considered; I'm gonna need to roll something like this into [...]
Time: December 14, 2008, 5:21 am
[...] take place and keep the content secure. The solution to that issue has come in the form of the Role Scoper plugin that offers even greater granularity to admins to control [...]
Time: December 19, 2008, 9:43 pm
[...] I researched different options using existing WordPress plugins, such as Role Scoper, [...]
Time: December 23, 2008, 4:17 pm
This is great! This plugin is exactly what I'm looking for. If it works well, I'm sure to donate! Thanks again!
Time: December 24, 2008, 10:57 am
Hey ! Nice plugin but :
- conflict with the "Open ID" plugin… - I get this when trying to assign a group to a limited set og pages :
Fatal error: Unsupported operand types in /homepages/16/d263912724/htdocs/blog/wp-content/plugins/role-scoper/admin/admin-bulk_rs.php on line 659
FIY : - hosted with 1and1 in France - blog URL : http://blog.henryk.fr - WP 2.7
Time: December 24, 2008, 11:57 am
Posted it in the forum !
Time: December 26, 2008, 8:40 am
Хм… Вы бы знали что про Вас пишут в других блогах
Time: December 28, 2008, 8:16 am
Да уж, это действительно непросто.
Time: December 29, 2008, 3:50 pm
Does Role Scoper allow you to limit the kinds of posts an author may add? As in, what if I wanted an author to only be able to post photographs or movie files?
Time: December 29, 2008, 4:28 pm
No, Role Scoper cannot control what type of upload someone posts. The best you could do would be to dictate which categories a user can author in. Then if if they put a movie in the photo category, you edit it and/or banish them.
Time: December 29, 2008, 11:10 pm
[...] Similar plugins: Role Scoper [...]
Time: December 30, 2008, 3:56 pm
Could you walk me through your plugin? I've been going through it and could use some clarification. Could you email me?
I don't see the Object Roles you mention in the screen shots at the top of the page and in the notes.
[Category Roles for Wordpress pages are disabled for this blog. Object Roles can be assigned to individual pages, and optionally propagated to sub-pages. Another option is to categorise pages via the Page Category Plus plugin.]
Also, do I understand this correctly? I can have a WP role of editor. Then use Restrictions to prevent this person from doing anything more than author for a specific category. Would I check the boxes for all roles below and including author, or just author?
And vice versa, I can have a WP role of author. Then use Roles to allow this person to be an editor for a specific category. Or do I use Restrictions to allow them more access?
I could use a walk through of your UI.
Time: December 31, 2008, 6:12 pm
I think I figured it out.
First you click on Restrictions and select the roles you want restricted for the categories or posts or pages.
Then you click on Roles and select the people or groups that you want to give special access/roles to for each Restricted category or post or page.
That's not so tough once you figure it out. It took quite a bit of figuring though for such a helpful tool.
Time: December 31, 2008, 7:03 pm
[...] what plugins will we need? I am going to use Role Scoper, by Kevin [...]
Time: January 3, 2009, 8:08 am
Would like to ask if this plugin has the capability to limit the number of entries an author can post in a day. For example, I want AuthorXXX can be able to post only two entries in one day.
Time: January 4, 2009, 9:49 am
Вот это да… Мне кажется, минусы намного превосходят плюсы. Думаю, не стоит заморачиваться.
Time: January 5, 2009, 6:44 am
Люблю тексты в таком духе! Спасибо вам огромное
Time: January 5, 2009, 11:54 am
@Константин
Можете вы пожалуйста перечислить минусы? Возможно я могу объяснить или улучшить его.
Time: January 5, 2009, 2:01 pm
@Ramil,
No, Role Scoper cannot limit the number of posts per day. That might be better handled by a separate plugin.
Time: January 5, 2009, 2:17 pm
@Walter:
Yes, due to user feedback I recaptioned "Object Roles" as "Page Roles" and "Post Roles".
The screen shots in the Usage Guide are not yet updated to reflect that change. Thanks for working through it anyway.
Time: January 6, 2009, 3:40 am
Любопытно написано, но как говорится, для более точного представления нужно минимум три источника
Time: January 9, 2009, 2:19 pm
Hi–This is exactly what I've been looking for! Great work. I'm hoping you can tell me what file the edit-form-advanced modification for the category_checklist would be in.
I'm working to display categories on the add post panel in columns, and with this plugin I'm guessing I'd want to make the adjustments there?
Thanks in advance!
Time: January 9, 2009, 3:36 pm
Beth,
You can limit available posting categories by setting restrictions (Restrictions > Categories) on Post Contributor, Post Author and possibly Post Editor. The actual settings will depend on what classes of WordPress users you want to restrict. After restricting a category, you can also make it available to selected users by setting Category Roles (Roles > Categories).
I don't know what you mean by displaying the categories in columns, but if your solution calls the WP function get_categories (or get_terms), the restrictions and roles will be applied.
Time: January 9, 2009, 3:50 pm
…Nevermind. I ended up shrinking the text size of my category checklist so I could see everything.
I am now trying to turn off the object roles boxes that show up on the Add new post screen. The whole point of limiting the categories that appear for Authors was to declutter that area, and so having these boxes (which won't be used by contributors) defeats the purpose.
Great plugin altogether though. Nice work!
Time: January 9, 2009, 4:05 pm
With the current Role Scoper version (1.0.0-rc8), the Edit Post/Page form does not display role assignment tabs to Contributors.
Thanks for the appreciation.
Time: January 9, 2009, 4:26 pm
Kevin–thanks for your responses. I still need some help decluttering the Author area as Authors won't need the role assignment tabs. I had to elevate users to Author status because it's important that they can change the date of publication (we post a lot of links to past news articles and order them by their original publication date).
Therefore I need to keep the Author status, but I'm hoping to remove those role assignment tabs.
Time: January 9, 2009, 5:08 pm
There's currently no way to hide the role assignment boxes from authors on a new post. I'd like to think on this more before implementing an option to do so. But you can put the following code in plugins/role-scoper/admin/filters-admin-ui_rs.php, in function add_meta_boxes - at the top of the function, just after the opening curly brace:
global $current_user;
if ( empty($current_user->blog_roles['rs_post_editor']) ) {
remove_action('do_meta_boxes', array(&$this, 'act_tweak_metaboxes') );
return;
}
This will be your private hack, and will need to be reinstated each time you upgrade Role Scoper. However, I'm leaving that code commented out in the main source to make it easy for you.
Time: January 9, 2009, 5:27 pm
Huge thanks!
Time: January 13, 2009, 2:25 pm
How i can do, when a Author, post something to, wait for my rewiev ?
Time: January 20, 2009, 4:40 pm
[...] Role Scoper Plugin for Wordpress | Agapetry (tags: security community free wordpress user) [...]
Time: January 21, 2009, 9:22 pm
hey, using your plugin so that one of the users ive created can read private posts too. got that all set up fine. they can see the private posts and now search for them in the search bar.
however the private posts arent coming up in the "recent posts" section, and the tags assigned to the private posts arent in my tag cloud.. any way of getting that to work?
Time: January 22, 2009, 1:03 am
mayan,
For the time being, you will need to perform two hacks to the WordPress file wp-includes/widgets.php:
change:
$r = new WP_Query(array('showposts' => $number, 'what_to_show' => 'posts', 'nopaging' => 0, 'post_status' => 'publish', 'caller_get_posts' => 1));
to:
global $scoper;
$status = ( empty($scoper) ) ? 'publish' : '';
$r = new WP_Query(array('showposts' => $number, 'what_to_show' => 'posts', 'nopaging' => 0, 'post_status' => $status, 'caller_get_posts' => 1));
change:
wp_tag_cloud();
to:
wp_tag_cloud( array('hide_empty' => false) );
I'll put in a request with the WP team to make those functions more filterable.
Time: January 22, 2009, 3:19 pm
Kevin your support is really appreciated, thankyou!
recent posts works perfectly. it shows the recent private post for logged in users with private post permission, and disappears if you are not logged in.
however the tag cloud does now show private post tags, but it shows them to people who are not logged in as well hmmm
Time: January 22, 2009, 9:02 pm
I have added proper tag filtering to the updated Role Scoper Development Snapshot version.
You should undo the wp_tag_cloud hack in widgets.php file. Change it back to:
wp_tag_cloud();
Time: January 23, 2009, 2:06 pm
Again thanks alot kevin, however when i installed the development snapshot plugin the new tags did show, however the tag cloud isnt working properly and picking up posts, they all link to nothing and are the same size 
im going back to the older role scoper version and keep trying to find a workaround
Time: January 23, 2009, 4:46 pm
Okay, I fixed the tag cloud sizing problem in the updated Development Snapshot
I don't see any problem with the tag links, though. What WP version and permalink settings are you using?
The only caveat I'm aware of now is that the sizing will be based on total posts with the tag - including posts the user can't read. At this point, filtering the tag sizing seems more trouble that it's worth. If it proves hugely important to folks, I will reconsider.
If you have any other feature requests, please post them in the Support Forum.
Time: January 24, 2009, 10:17 am
Role Scoper - V1.0.0 RC1 - Roles > Posts > yields: Fatal error: Unsupported operand types in /home/stmichaels/public_html/wp-content/plugins/role-scoper/admin/admin-bulk_rs.php on line 647
Time: January 24, 2009, 12:13 pm
That bug has already been fixed. Please try the current release candidate or the development snapshot
Time: January 28, 2009, 5:55 am
Any chance to protect RSS-Feeds like Disclose-Secret does?
Time: January 29, 2009, 7:16 pm
Yes, I have additional RSS filtering options under development for the next release candidate.
Time: January 31, 2009, 10:07 am
Hello,
Your plug in looks promising, but I'm getting a fatal error when I install it.
After I installed your plug in, whenever I try to edit this page ( ), I get this error:
"Fatal error: Allowed memory size of 33554432 bytes exhausted (tried to allocate 266375 bytes) in /home2/tpsevnin/public_html/wp-includes/formatting.php on line 79″
right in the Wordpress post edit screen.
I've deactivated your plug in so you can see the page.
Rafa
Time: February 1, 2009, 9:39 am
Thank you very much for your efforts, i will wait for the next RC then
Time: February 3, 2009, 2:43 pm
Rafael,
Please see my commentary on the topic of memory usage here in the support forum.
Time: February 7, 2009, 8:41 pm
Can I ask you if you are aware of the fact that events-calendar posts seems to ignore the restrictions set on the roles. For any user/role of the website they are visible even though they should not. Any though on this regard.
There is a discussion about it on wordpress. Here is the link: http://wordpress.org/support/topic/237970.
Massimo.
Time: February 8, 2009, 10:46 am
Hey, I'm using your plugin for an educational project. I'm having issues getting any links to display using wp_list_bookmarks() when Role Scoper is activated. What is the work around for that?
Time: February 11, 2009, 12:55 pm
[...] I've found which allows for some very fine customisation of user roles and permissions is Role Scoper. You'll find it very hard to come across any other plugin that offers the level of support [...]
Time: February 11, 2009, 10:56 pm
Ben, I've published an updated version of Role Scoper which corrects the bookmarks listing bug and several others.
Time: February 16, 2009, 1:53 pm
Right after activating your plugin, I received an error when viewing my site:
> Warning: array_diff_key() [function.array-diff-key]: Argument #1 is not an array in /home/ . . . /wp-content/plugins/role-scoper/hardway/hardway_rs.php on line 296
I searched the web to find that this is difference between PHP 4 and PHP 5 that someone had figured out how to get around: [http://drupal.org/node/36408#comment-354216]. I made this change at line 296, and the error went away.
Thanks, ~randy
Time: February 16, 2009, 4:47 pm
Randy,
Thanks for alerting me to this.
It's actually due to my misspelling of a variable name in the line you edited. $term_by_id should instead by $terms_by_id. This should not affect many installations, as the involved code block is a leftover from WP 2.3 support and serves no purpose now.
Time: February 17, 2009, 9:20 pm
This is the most amazing plugin, really well done! I have spent months testing others out there and this does exactely what I need and more, I rarely take the time to post comments but this deserved it, amazing! The only thing I would ask, is there any way to setup email notifications, so if someone edits a post the admin is notified? and if admin edits a post the user is notified?
Thanks again
Time: February 18, 2009, 4:51 pm
Mark,
Thanks for taking the time to express your appreciation.
As for email notification, that is well outside Role Scoper's intended functionality. I would check out the existing e-mail notification plugins and solicit those developers for additional features as needed.
Time: February 23, 2009, 9:18 pm
Great plug-in. Took me a few hours to figure out how I needed it to work, and then it worked great.
One question: Are there any public functions that I can use in the WP Admin screens to check capabilities? I'm trying to hide an option if a category is not allowed for the role that is currently logged in. Thanks!
-Patrick
Time: February 24, 2009, 4:55 pm
[...] Similar plugins: Role Scoper [...]
Time: February 25, 2009, 12:01 am
Patrick,
Do you need to find out if the user can read posts in the category, create/edit posts in the category, or edit the category itself?
If all you want is to know whether the user has a certain category role assigned, you can do this: global $current_user;
if ( isset($current_user->assigned_term_roles['category'][rs_post_reader'])
&& in_array($cat_id, $current_user->assigned_term_roles['category'][rs_post_reader']) ) {
// do stuff
}
I would also be interested in hearing what your main points of confusion were, and what would have made the orientation easier.
Time: February 25, 2009, 5:14 pm
Kevin,
Thanks, that did the trick. I did not know about $current_user. That object is full of good stuff.
I guess the confusion came from how I was approaching the modifications I needed. I have 4 roles that need custom names and capabilities and I started by trying to modify the RS roles within defaults_rs.php. This was the wrong approach for me.
I ended up using Groups to take care of the custom names, then I set the capabilities for Groups (instead of users/roles). I set new user WP roles to Subscriber, and add Groups to each user from there.
Nice plugin.
Time: March 1, 2009, 2:50 am
[...] causing this. well, it turns out that the old main page was doing 298 sql queries. after disabling role scoper, this jumped down to 34, with loading times more or less the same. but then, i disabled the tag [...]
Time: March 4, 2009, 9:31 am
[...] des WordPress-CMS und ihre Berechtigungen vorgestellt und gezeigt, wie man sie mit dem Rolescoper-Plugin verwaltet. Wer immer schon mal Nutzerprofile mit eingeschränkten Freigaben für [...]
Time: March 10, 2009, 10:14 pm
This looks like a good plugin. I am a little confused on how to use it though. It seems extremely complicated.
What I would like to do is create a user who can login to the admin panel but only edit a certain pre-created page. The person should be able to create subpage for that page. But that is all.
I have no idea how to do that after looking through the usage guide link. By chance could anyone give me some very simple instructions? using WP 2.7.1
Time: March 11, 2009, 5:16 pm
I see from a support forum post that Andy figured it out. Thanks for the reminder to revise the documentation.
Time: March 18, 2009, 1:08 pm
[...] Beiträgen gar nicht mehr. Auf der Suche nach einer Alternative stieß ich auf das Plugin Role-Scoper, welches nach einigen Feature-Requests meinerseits nun problemlos eine Authentifizierung im [...]
Time: March 23, 2009, 4:21 pm
I'm using the plugin and I setup the Author to post/edit, but how to I enable the author to add Tags? I can only add tags as admin.
Time: March 24, 2009, 12:58 pm
Eligio, Are you talking about adding tags via the Edit Post form, or manually via the "Add New" menu?
Time: March 27, 2009, 3:24 pm
First thank you for creating such a wonderful plugin, I have used it to great effect on a couple of blogs. The first problem that I have come up with on a new blog that me and my associates are working on is a multi language blog using the qtranslate http://www.qianqin.de/qtranslate/ plugin. This plugin allows you to have many languages on one installation. Now the bug I am having with your plugin is that when your plugin is turned on, it stops all of the categories being translated, they stick to the default language, everything else works pages, links content etc just not categories… any ideas… so when your plugin is activated wp_list_categories() does not translate…
Here is how this plugin functions http://www.qianqin.de/qtranslate/forum/viewtopic.php?f=3&t=294 http://www.qianqin.de/qtranslate/forum/viewtopic.php?f=3&t=9
So somehow your plugin is messing with the internal wp_list_categories()
Any help greatly appreciated, aswell as your plugin being the only one that really enables a true cms user base system and the qtranslate plugin is really the only one that works for multilanguage blogs, it would be really great and open your user base even larger if the two could work in harmony.
Thanks George
Time: March 27, 2009, 3:25 pm
Please disregard last post overlooked the blatantly obvious text above this comment form, sorry
Time: April 8, 2009, 3:42 am
[...] Role Scoper Plugin for Wordpress | Agapetry [...]
Time: April 9, 2009, 3:39 am
[...] Role Scoper Plugin for Wordpress | Agapetry [...]
Time: April 9, 2009, 12:45 pm
I have a question on the plugin. I need the ability to give a specific user (or maybe group) access to edit a specific page. So for instance, they have a page dedicated to them and only they (as well as admins) can edit that page. They can't create anything new.
Possible?
Time: April 13, 2009, 11:36 am
House,
The configuration you request is described in the "How-To" section of the Role Scoper Usage Guide. Scroll down to "Enabling a User to Edit Specific Page(s), and Nothing Else".
Time: April 16, 2009, 3:21 pm
After quite some time understanding, how RoleScoper works (Man, I have some knots in my brain now - but that has nothing to do with the plugin; it's more a intellectual thing… ) I got it now and it works great.
But, I have a real strange problem. At the moment I activated the plugin, the order of my postings changed from "newest first" to "oldest" first. I would be very glad, if you could help me fix this.
Time: April 23, 2009, 1:06 pm
Hello there. I am thinking of installing this plugin. I am just starting out and am still in the testing stages of my blog. I have created a dummy user named dummy1. When dummy1 logs in he has the role of contributor.
Now, when dummy1 clicks on Add New post, he can see the custom fields panel, the All In One SEO Pack panel and the WP Geo Location panel. But I don't want to give contributors access to these panels. Will your plugin allow me to do this? If not, can you please suggest a plugin that will?
I am using WP 2.7.1. Thanks in advance. Cheers.
Time: April 24, 2009, 6:13 am
hi, fantastic plugin but a lot of mistakes…when i use nextgen gallery function of your plugin the can in not use the flash uploader for my pics in the nextgen gallery! just the single upload ist ready!
it was fantastic when i take a limit for picture upload in your options the can the author just upload 5 pics or so…
stefan
Time: April 27, 2009, 6:46 am
Well Done!Thanks for your great job!
Time: April 27, 2009, 8:47 am
Thanks for sharing
Time: April 27, 2009, 1:28 pm
Perdox,
For selective hiding of administrative elements, you should check out the Adminimize plugin. I don't know if it would deal with other plugins' UI, but could definitely knock out the Custom Fields panel for you.
At this point, Role Scoper only supports the hiding of custom-entered html IDs when the logged user has an editing role for a specific post/page/category, but only a Subscriber role blog-wide.
Time: April 27, 2009, 1:32 pm
Stefan,
There is a conflict between the "Role Scoping for NextGen Gallery" extension and NextGen Gallery's flash uploader. I haven't developed a fix yet, but it appears you can still upload multiple files in a .zip
Time: April 27, 2009, 1:33 pm
Fabian,
I'm waiting for more feedback on the reverse order posts bug, as I haven't been able to reproduce it.
Time: April 28, 2009, 3:10 am
Kevin,
I am looking for a way to make all posts visible to subscribers only, once they are published, but visible to anyone (even non-subscribers), if a moderator sees fit.
Can that be done with Role Scoper?
TIA Toby
Time: April 29, 2009, 1:27 pm
Toby,
Yes, Role Scoper could accomplish your subscribers-only post visibility goal:
1) Navigate to Restrictions > Category
2) Set a Default Category Restriction on the Post Reader role.
3) Navigate to Roles > Category
4) Check the "show eligible groups" checkbox, then check "[WP Subscriber]
5) Assign the Post Reader role for every existing category, and also for "DEFAULTS for new Categories"
6) Click the update button to assign the Category Roles
Time: May 6, 2009, 6:21 pm
Wow, this looks great. I'm not a developer but have been the creator, admin, and user of several dotnetnuke sites. I was about to give up finding the role support I'm used to with DNN but this seems to have it. But I have to admit I'm afraid to install it on my WP site for fear it (or I) will break my site. What can you tell me about the danger of using it.
Time: May 7, 2009, 3:13 pm
Malcolm,
I can tell you that upon initial Role Scoper installation, your site's front end is not affected at all. Only as you begin to reduce access (by setting Restrictions) or expand access (by assigning scoped Roles) will you see any effect.
Role Scoper does not alter WordPress' own role, capability definitions or user definitions, so uninstalling it returns the site to default access.
Time: May 19, 2009, 1:12 am
Can you Role Scoper restrict access to the media libruary but still allow a user to upload an image? If not are there any options?
Time: May 19, 2009, 1:15 am
Another question. If I am disabling my existing Role Manager software (which will freeze the roles and capabilities) and installing yours. Will Scope over ride roles and capabilities as long as I reset them up through Scope? Are there any issues I need to be aware of before completing this task. Look forward to using your plugin.
Time: May 25, 2009, 3:37 pm
Peter, Users with an upload_files capability can upload files for any post or page which they can edit. It is not currently possible to further restrict Media Library access while retaining upload capability.
Time: May 25, 2009, 3:40 pm
Peter, Your current WordPress role definitions (as stored by Role Manager) remain even if you deactivate Role Manager. They will be your users' set blog-wide capabilities, and Role Scoper may be used to further expand or reduce access to specific content.
Time: June 12, 2009, 12:38 am
I have created three group and I want to set editor,Contributor group wise but I am unable to do it please help me to resolve this problem as soon as possible.
Time: June 15, 2009, 1:04 am
I have created three group and I want to set editor,Contributor group wise but I am unable to do it please help me to resolve this problem as soon as possible. Please help soon…..
Time: June 17, 2009, 2:40 am
i love RS very much, but it is make my WP 2.8 suddenly have a Wordpress Blank Screen of Death on homepage and event dashboard.
desperately need the latest compatible updated RS for WP 2.8
great work!
Time: June 17, 2009, 10:13 am
I have developed the latest version of Role Scoper with WP 2.8, and am not aware of any incompatibility. Will put some additional testing in this week before officially stating 2.8 support.
I suspect dave may be experiencing a plugin conflict.
Time: June 17, 2009, 12:39 pm
Avanish,
After creating the groups and adding users to them, go to Roles > General and assign the desired role(s) to each group. Let me know if you need further explanation.
Time: June 17, 2009, 12:48 pm
yes i think so dave, i start googling and find the solution of WSOD, they said that i must de-activate all plugins and then re-activate the plugins one by one.
Then i start to do it, what i find out is, that when i activate the RS plugin, my wordpress page got WSOD, then i de-activate the RS plugin, my wordpress page goes normal.
so, i think the RS plugin the one have conflict with WP 2.8, correct me if wrong. I use RS 1.0.3.4
Time: June 17, 2009, 12:59 pm
dave, you may be right but I just haven't been able to confirm such a conflict. I'm contacting you by e-mail about troubleshooting your site directly.
Time: June 20, 2009, 10:17 am
[...] Role Scoper ne s'arrête pas là, et pour voir la véritable puissance du plugin il vous faudra le tester. Il est possible d'utiliser les "Taxonomy" et de définir les rôles pour les articles, les catégories, les pages, les liens et enfin les groupes. Concernant la restriction des utilisateurs, une deuxième y est entièrement consacré. Pour chaque catégorie vous pouvez sélectionner les personnes pouvant les modifier, de même pour les liens, les articles et les pages. Son seul défaut est le fait d'être énormément complet, une API est même disponible pour les développeurs mais également une fonction pour installer un système de "teaser" dans vos articles. Ce plugin transforme votre blog WordPress comme un véritable CMS (Système de gestion de contenu). Une fois le plugin pris en main, votre blog multi auteur devient vraiment fonctionnel et horriblement bien organiser. [...]
Time: June 23, 2009, 11:53 am
[...] weiter — z.B. seitenbasiert — einzuschränken, kann man sich des Plugins Role Scoper [...]
Time: June 27, 2009, 11:08 am
Amazing plugin - thank you for your hard work on this one, and for helping so many other folks here on the comments. You rock!
Time: June 27, 2009, 12:52 pm
[...] Similar plugins: Role Scoper [...]
Time: June 28, 2009, 4:01 am
Hello Kevin, there seem to be some problems with the 1.04 version and restrictions and roles links (permalinks dont seem to work)
Time: June 28, 2009, 6:43 pm
I will second the comment from Ramon, I am also getting 404 errors with respect to the admin links and version 1.0.4. If I downgrade to version 1.3.4 everything seems to work just fine. Will post in the forum too.
Time: June 28, 2009, 9:37 pm
Ramon, Kenneth et al,
I'm sorry about the admin links error introduced in 1.0.4. It's now fixed in Role Scoper 1.0.4.1
Write a comment
(But if your comment is a usage question, bug report or feature request, please post it in the Support Forum instead.)