Wordpress User Role Accessibilities - wordpress

in wordpress, how to create a new user role that can only access the 'donation' sidebar function as the image below? Please help...View Image

Yes yes it is possible to do this.
You need to select the user role "Give Accountant" for the concerned user in the WordPress backoffice "Accounts" -> "All Accounts" -> Select the user and change his status.
Then you have to add these PHP instructions in your child theme
add_action( 'current_screen', 'restrict_screen' );
function restrict_screen() {
if (current_user_can('give_accountant')) {
if( preg_match('/\bindex\.php\b|\bprofile\.php\b|\bwp-admin.?$/', $_SERVER['REQUEST_URI'])) {
$current_admin = get_admin_url() .'edit.php?post_type=give_forms';
header('Location: ' . $current_admin . '', true, 301);
}
}
}
add_action('admin_init', 'disable_dashboard');
function disable_dashboard() {
if (!is_user_logged_in()) {
return null;
}
if (current_user_can('give_accountant')) {
remove_menu_page( 'index.php' );
remove_menu_page( 'profile.php' );
}
}

For user role capabilities you can also use the plugin.
Here I have shared the plugin which I like.
https://wordpress.org/plugins/user-role-editor/
I know it is a little bit longer but it is a very good plugin if in the future any changes in the requirement then the plugin will very helpful.
Here you can set the settings according to your requirement.

Related

Wordpress: How to allow some comment-actions (delete, edit...) only to specific roles?

Is it possible to customize Wordpress via action, hook or anything, that
only users of role "administrator" or "editor" may trash, spam or edit comments from the backend?
only users of role "administrator" or "editor" may trash, spam or edit comments from mail that will be generated on new comments?
I did not find anything on codex.wordpress.org as well as I did not find a proper plugin. :-/
Thanks!
I would advice using a plugin such as User Role Editor for this, but hey - heres a working code example :):
In the the class WP_Role you'll find a property named ‘edit_comment’ which is mapped to the ‘edit_posts’ thus isn't handled as a separate capability. we can however modify the behaviour by applying a filter to the selected user role we want to restrict editing comments on by using the map_meta_cap function.
Example for:
Only users "administrator" or "editor" may trash, spam or edit comments from the backend:
<?php
// Restrict editing capability of comments using `map_meta_cap`
function restrict_comment_editing( $caps, $cap, $user_id, $args ) {
if ( 'edit_comment' == $cap ) {
// Allowed roles
$allowed_roles = ['editor', 'administrator'];
// Checks for multiple users roles
$user = wp_get_current_user();
$is_allowed = array_diff($allowed_roles, (array)$user->roles);
// Remove editing capabilities on the back-end if the role isn't allowed
if(count($allowed_roles) == count($is_allowed))
$caps[] = 'moderate_comments';
}
}
return $caps;
}
add_filter( 'map_meta_cap', 'restrict_comment_editing', 10, 4 );
// Hide comment editing options on the back-end*
add_action('init', function() {
// Allowed roles
$allowed_roles = ['editor', 'administrator'];
// Checks for multiple users roles
$user = wp_get_current_user();
$is_allowed = array_diff($allowed_roles, (array)$user->roles);
if(count($allowed_roles) == count($is_allowed)) {
add_filter('bulk_actions-edit-comments', 'remove_bulk_comments_actions');
add_filter('comment_row_actions', 'remove_comment_row_actions');
}
});
function remove_bulk_comments_actions($actions) {
unset($actions['unapprove']);
unset($actions['approve']);
unset($actions['spam']);
unset($actions['trash']);
return $actions;
}
function remove_comment_row_actions($actions) {
unset($actions['approve']);
unset($actions['unapprove']);
unset($actions['quickedit']);
unset($actions['edit']);
unset($actions['spam']);
unset($actions['trash']);
return $actions;
}
?>
Code goes into your functions.php file
Thanks to #Kradyy I came around to map_meta_cap and remove_cap.
With the following in the functions.php, the links are removed in the comments section of the dashboard as well as in the email sent to the author (except for admins and editors):
global $wp_roles;
$allowed_roles = ['editor', 'administrator'];
foreach (array_keys($wp_roles->roles) as $role){
if (!in_array($role, $allowed_roles)) {
$wp_roles->remove_cap( $role, 'moderate_comments' );
}
}

How to add verified badge in front of author name across wordpress blog

Good Day,
I have been trying to add verification badge to WordPress users but I no success. I tried using administrator to do the testing by checking if user has role administrator and trying to enter code here update_user_meta (display_name) but I wasn't able to add icons to the display name.
I have as well tried creating a custom field in user profile called verify_user (text field) .... In which I entered the value "verified" and saved ... I have been searching for hooks to use but haven't seen one. I'm not sure which hook/filter to use here
Please is there any solution to adding this verification icon to author's display name in which when the word "verified" is entered into the custom field created in user profile or any other approach available (e.g if user has specific role). I don't mind if the little structure I wrote above would be changed.
Thanks
I was able to get a solution which worked exactly as i wanted. For anyone who might have same task to tackle;
function add_verification_bagdge_to_authors($display_name) {
global $authordata;
if (!is_object($authordata))
return $display_name;
$icon_roles = array(
'administrator',
'verified_author',
);
$found_role = false;
foreach ($authordata->roles as $role) {
if (in_array(strtolower($role), $icon_roles)) {
$found_role = true;
break;
}
}
if (!$found_role)
return $display_name;
$result = sprintf('%s <i title="%s" class="fa fa-check-circle"></i>',
$display_name,
__('This is a Verified Author', 'text-domain-here')
);
return $result;
}
add_filter( 'the_author', 'add_verification_bagdge_to_authors' );
The way i was able to tackle this was to create a user role called Verified Author (using add_role() function from Wordpress Codex ), which will be the role assigned to verified author across the website. All Users with Admin Role are automatically Verified while user role has to be switched from either contributor/Author role to Verified Author.
The above code was able to do 98% of the task but when a verified author / administrator comments, their display name doesn't show the verified badge. I was able to use the below code to fix that (combining the code with a shortcode).
function my_comment_author( $author = '' ) {
// Get the comment ID from WP_Query
$comment = get_comment( $comment_ID );
if ( ! empty($comment->comment_author) ) {
if (!empty($comment->user_id)){
$user=get_userdata($comment->user_id);
$author=$user->display_name.' '. do_shortcode('[this_is_verified-sc]'); // This is where i used the shortcode
} else {
$author = $comment->comment_author;
}
} else {
$author = $comment->comment_author;
}
return $author;
}
add_filter('get_comment_author', 'my_comment_author', 10, 1);
Shortcode to return the Verified Badge if user is admin or verified author
function add_verification_bagdge_to_authors_sc($display_name) {
global $authordata;
if (!is_object($authordata))
return $display_name;
$icon_roles = array(
'administrator',
'verified_author',
);
$found_role = false;
foreach ($authordata->roles as $role) {
if (in_array(strtolower($role), $icon_roles)) {
$found_role = true;
break;
}
}
if (!$found_role)
return $display_name;
$result = sprintf('%s <i title="%s" class="fa fa-check-circle"></i>', $display_name, __('This is a Verified Author', 'text-domain-here') );
return $result;
}
add_shortcode( 'this_is_verified-sc', 'add_verification_bagdge_to_authors_sc' );
Please Note: Not all Magazine theme are properly coded / have a hard coded Block and module elements, so the verified badge might not work on their block / module element. I experienced this during the whole website design process, so we had to change up theme and the only modification i had to make to the new theme was to remove the html escape added to their block/module code, so that the icon can be rendered. i.e. in their module/block code they had something like this esc_html( the_author() ) and i removed the esc_html to have just the_author() an it all worked.
Its not really a straight forward solution but that is how i was able to tackle the task without using a plugin. Just add the codes to your functions.php file and that's it. I hope it helps someone.
Thanks to Kero for pointing me in the right direction, providing the code i was able to work with and manipulate

Wordpress 4.3 hide admin bar for non administrators

After updating to Wordpress 4.3 users can see the admin bar. I use this code to hide it normally, but this is not working anymore in 4.3.
add_action('after_setup_theme', 'remove_admin_bar');
function remove_admin_bar() {
if (!current_user_can('administrator') && !is_admin()) {
show_admin_bar(false);
}
}
Any ideas?
The function current_user_can refers to capabilities or user role names. So try manage_options instead:
add_action('after_setup_theme', 'remove_admin_bar');
function remove_admin_bar() {
// 'manage_options' is a capability assigned only to administrators
if (!current_user_can('manage_options') && !is_admin()) {
show_admin_bar(false);
}
}
Instead of using the after_setup_theme action you can also add a filter (prefered for newer WP versions):
add_filter( 'show_admin_bar' , 'handle_admin_bar');
function handle_admin_bar($content) {
// 'manage_options' is a capability assigned only to administrators
// here, the check for the admin dashboard is not necessary
if (!current_user_can('manage_options')) {
return false;
}
}
Here is a 6 lines code nugget that will remove the admin bar for non contributor users :
add_action( 'init', 'fb_remove_admin_bar', 0 );
function fb_remove_admin_bar() {
if (!current_user_can('edit_posts')) { // you can change the test here depending on what you want
add_filter( 'show_admin_bar', '__return_false', PHP_INT_MAX );
}
}
Put that in your function.php file or in your custom plugin.
Thanx all for helping. Eventually the problem was a maintenance plugin. When i disabled this it was working again.
Place the code in your theme's functions.php file
if (!current_user_can('manage_options')) {
add_filter('show_admin_bar', '__return_false');
}
Disable the WordPress Admin Bar Using CSS
You only have to copy and paste the CSS code below in Appearance > Customize > Additional CSS, or your style.css file.
The CSS code to disable the toolbar is:
#wpadminbar { display:none !important;}

in wordpress 4.0 with buddypress how do I add a profile field that can only be changed by administrators

I am running a club-based wordpress application.
In it has buddypress installed into it.
What I want to do, is add a profile field whose value can only be set by the administrator of the site. I know how to add a custom field, but the default behavior is to allow the user to set it. I don't want that.
Can this be done, and if so, how?
Thank you.
Create a template overload of this file:
buddypress\bp-templates\bp-legacy\buddypress\members\single\profile\edit.php
Untested, but try changing this:
$field_type = bp_xprofile_create_field_type( bp_get_the_profile_field_type() );
$field_type->edit_field_html();
To this:
$name = bp_get_the_profile_field_name();
if( $name == 'name of your field' ) {
if( is_super_admin() ) {
$field_type = bp_xprofile_create_field_type( bp_get_the_profile_field_type() );
$field_type->edit_field_html();
}
else
echo $name . '<br/>' . bp_get_the_profile_field_value();
}
else {
$field_type = bp_xprofile_create_field_type( bp_get_the_profile_field_type() );
$field_type->edit_field_html();
}
Have you checked Advanced Custom Fields? That's an easy way to add custom fields to the pages you want.
They have some documentation on how to How to Hide ACF Menu from Clients.

How to hide media uploads by other users in the Media manager

i am using wordpress multisite and wan to hide medea which others have uploaded. Like if X User of that site have uploaded any media in the wordpress, Y User should not be able to see or access this from there login. Please help
You could try something like this.
/**
* Allow access to own content only
*/
function my_authored_content($query) {
//get current user info to see if they are allowed to access ANY posts and pages
$current_user = wp_get_current_user();
// set current user to $is_user
$is_user = $current_user->user_login;
//if is admin or 'is_user' does not equal #username
if (!current_user_can('manage_options')){
//if in the admin panel
if($query->is_admin) {
global $user_ID;
$query->set('author', $user_ID);
}
return $query;
}
return $query;
}
add_filter('pre_get_posts', 'my_authored_content');
This will only let admin and the author see the content.
You can either add it to the main functions file or turn it into a plugin.
To create it as a plugin:
Create a new file
add the code from here: http://pastebin.com/rfMLM0BU
save it as my-authored-content.php
upload it to your plugins directory.
Hope this helps you! :-)
For me works this:
function mymo_parse_query_useronly( $wp_query ) {
if(isset($wp_query->query_vars['post_type']) && $wp_query->query_vars['post_type'] == 'attachment'){
if ( !current_user_can( 'level_5' ) ) {
$wp_query->set( 'author', get_current_user_id() );
}
}
}
add_filter('parse_query', 'mymo_parse_query_useronly' );
I use this for uploaded profile picture for the user profile in front end

Resources