I need to allow access to a WooCommerce API, but give READ access to the Products only. The API works fine currently but is a security concern as it can access all information regarding customers and orders.
I have found a plugin that can do it, but it is barely used and is over 4 years since an update. https://wordpress.org/plugins/woocommerce-api-lockdown/
Has anyone got any suggestions here? I've searched the internet and can't find another solution. I'm assuming a function could be written but I don't know where to start.
Many thanks
Dan
When you create the keys you can choose to only make have it access to read. Or do you want further restrictions on what it can read?
Related
My company just set up a new service. We are going to use WordPress as our CMS. To solve the WordPress search engine issue we got the Google Search Appliance. Unfortunately after setting us the GSA the collections does not give us any results.
Does anyone have an experience with GSA and WP?
Any help appreciated.
It may not be an exact answer to your question, but you may want to look at other solutions for your Wordpress site that are not GSA. For example, Algolia has a search plugin that takes just 2 minutes to install and set up, with out-of-the-box relevance, typo-tolerance & a great analytics dashboard to monitor activity.
If there isn't a particular reason you've opted for GSA (curious to know if there is), this might be an easier solution than building out (or buying) a connect.
I´m currently developing the Intranet for the company I am working for. The site is currently based on SharePoint, but I have to migrate it to Wordpress. And that´s my first developer experience with Wordpress, you just should know. Creating the theme, content and working with the WP Admin area works very well, but where I´m feeling defenseless is the permissions topic.
Generally, the whole page content is managed by the Marketing department. So, for me it is ok that they have access to WP Admin and I would use one of the predefined roles available.
But there will be also an area for the departments where specified users per department should be able to
edit the pre created page content
add subpages and edit its content (it would be nice if it can be defined which page templates can be selected by the user)
add posts for a pre created category (that should not be changeable by the user)
edit its profile and password
A whole access to WP Admin should be therefore prevented.
I read much information about roles, capabilities and reviewed forums and blogs presenting potential plugins. But to be honest, I´ve lost the overview and I´m totally scared about what´s the right way to do such like this the professional way.
Is there anybody who was already in such a situation or knows a good resource where to read more?
Thanks a lot.
John
PressPermit is the tool I choosed. It covers all needs described in my question.
Note: To use all features, you need to buy a support subscription currently available for $55 a year for one site.
However, a very powerful tool and in comparison to Advanced Access Manager I tried before, it really supports permissions also for multiple roles.
If you are thinking about, use the screencasts to see if the tool cover your needs. Unfortunately, there is no trial available, but you can request an evolution wordpress installation which was setup within one day in my case. This service costs $5.
I have working on wordpress based website, where I want to keep certain sections (pages/posts) open to all kind of users (free+paid), while some sections available to only those users who have paid. Is there any plugin available or do I need to work on code part. How can I do this. Thanks
The reason you've been given a -2 on your question is that this is not a programming question.
You need a paid service for that kind of functionality or program that out from scratch by yourself. There are plenty of plugins that do that for you. Or perhaps your can find some "free" plugin to do that (Not recommended).
I've used wishlist before and it works great. Lots of setting to deal with though.
I'm trying to track my users through a website. I've installed google analytics but its a bit too anonymous for me. I'd like to track users on a per user/per visit basis.
Is there a service out there that does this (I can't seem to find one)? Would I be better off writing some bespoke code to do it?
Try http://www.kissmetrics.com/
EDIT
(But please read it all if you really wanna help :) )
Since I'm able to view all the profiles with the correct LDAP data (it's fetched when asked for, but never stored), an possible, albeit hackish solution, would be to display all the profiles as a table. Does anyone have an idea how that might be done ? Google hasn't help, understandably since most people never need to use such a feature.
EDIT
I've successfully used the LDAP Integration module to use LDAP authentication with Drupal. Now I'm trying to create an address book with information from LDAP. I've tried the following solution:
Changed the ldap_data.module, the part that states which fields can be mapped between ldap and drupal (e.g. mail => mail). This fails when I try to add more mappings. I believe this maps to the "users" table in drupal, but when I try to add a field to that table and map a LDAP attribute to it, nothing goes into the database. My plan was to then use Table Wizard with views to create the address book. Using Table Wizard and Views I was able to extract everything I wanted from the users table, but the problem of entering data into the table is still not solved.
If you have any ideas, any at all, I'd really appreciate it. I'm a beginner in drupal and LDAP altogether btw. I've already tried to google this to death over the last few days but nothing has helped me solve this problem.
The answer below helped me understand why this didn't work, but the problem is still unsolved.
The LDAP Data module is not intended to work with fields arbitrarily added to the users table. Instead, it works in conjunction with the core Profiles module and can map to its fields.