Tagged: capability, user role
- This topic has 12 replies, 2 voices, and was last updated 7 months, 4 weeks ago by
Sebastian.
| Author | Posts |
|---|---|
 marcelreschke
April 5, 2018 at 1:33 pm
|
Hello, I would like to allow some users to edit the css via microthemer but I don’t want to give them full admin capabilities. I have a new user role “Art Director”, what capabilities does the role need to open and use Microthemer? Best, |
 Sebastian
April 6, 2018 at 8:17 am
|
Hey Marcel, Currently, users can only access Microthemer if they have administrator privileges. This will be configurable in a future update. But for now, you would need to give your Art Director admin privileges in order for them to work with Microthemer. Cheers, |
 austenozzy
February 21, 2021 at 1:50 pm
|
Hi – sorry to resurrect an old thread, but is there any change in this? I need to use microthemer to help with the layout of an awkward dashboard (WC Vendors Pro), but Admins can’t be vendors and thus can’t see the dashboard. But in order to style it with Microthemer, I need to be logged in as Admin in order to do so… Bit of a Catch 22! |
|
Sebastian
February 22, 2021 at 11:10 am
|
No need to apologise 🙂 It is I that should. This isn’t ready yet, and will not be until later in the year unfortunately, as I’m currently working on some higher priority features. And making MT user access configurable isn’t a quick feature I can squeeze through. The only (clumsy) workaround I can suggest is copying the HTML of the dashboard section into another site running MT and then style the content from there, and then copy the generated CSS over. For copying HTML via Chrome:
I hope that helps! Cheers, |
 Casey
July 31, 2023 at 12:25 pm
|
Hey Sebastian, We are having some real issues with this feature at the moment. Do you know if you have sorted this out yet? Would be great if we could set the capability of microthemer to whatever we decide or have a custom capability we an assign to a user to give them permission to use microthemer. Any update on when this will be ready? Thanks |
|
Sebastian
July 31, 2023 at 1:19 pm
|
Hi guys, Microthemer can still only be used by administrators, because it allows people to add JavaScript to the site, and write other files to the server. Unfortunately this feature has been deprioritised because supporting multiple user roles with access to certain features adds complexity to the process securing the plugin against misuse. The Wordfence archive contains lots of instances of page builders and other plugins making mistakes with user privileges. For me to implement this safely would divert too much of my resources away from other enhancements I’m working on. I’m sorry for those of you that want this feature. Best wishes, |
|
Casey
July 31, 2023 at 10:38 pm
|
Hey Sebastian, Totally get where you are coming from with your response, so could we maybe get a half way solution? At present microthemer is linked to the Administrator. If you are not the administrator, it does not matter if you have all the same capabilities as the administrator you are not allowed to use microthemer. Could we possibly have it (like almost all other plugins) where it is linked to a capability rather than a role? The manage_options capability seems to be the one most use in these scenarios. I have managed to configure a site using roles and capabilities and everything (including the page builders) can be assigned via some sort of adjustment to the capabilities. It is only Microthemer we have an issue with. Do you think something like this would be a good compromise? Not asking for an all singing all dancing roles and capabilities addition, just for you to change the access level to be attached to a capability instead of a role. It would be much appreciated *^_^* Thanks |
|
Sebastian
August 1, 2023 at 10:17 am
|
Yes, I’m happy to look into that solution. Can you give an example of a reputable plugin on wordpress.org that implements an equivalent administrator check? My first thought is that MT could check for one capability that only administrators have, both on single and multisite installs, such as:
But there may be better solutions out there. Thanks, |
|
Casey
August 1, 2023 at 10:30 pm
|
Hey Sebastian, A really good plugin to look at is this one: https://www.role-editor.com/ It has a really good and deep level or understanding from a roles and capabilities perspective. Your idea is exactly the type of halfway solution I was going on about. Check for a capability and if the user has it, then they can access microthemer. If you wanted to go a step further, you could just create a custom capability and have it added to the administrator on activation. Then those of us that want to add microthemer to another user can just add that custom capability to them and they can use it. Failing that, having manage_options or one of the other capabilities as you have suggested would be fine. I believe s2Member creates its own capabilities and role access levels in wordpress so that might be a good reputable open source project to go and look at. Hope that all makes sense *^_^* Thanks |
|
Sebastian
August 2, 2023 at 1:07 pm
|
Thanks for the recommendations Casey. I will check those out and let you know how I get on. Cheers, |
|
Sebastian
August 22, 2023 at 8:09 pm
|
Hey, Sorry for the delay. I’ve created another development branch to work on this. Here is my first attempt. MT will work if you set the user’s permissions to ‘manage_options‘ and the following PHP constant in wp-config.php
For the time being, I’m making sure the normal administrator check applies by default, unless the PHP constant is set – just to proceed cautiously. Is that a big problem in terms of convenience? Thanks, |
|
Casey
August 22, 2023 at 9:12 pm
|
Thanks Sebastian. I will put this on a development website next week and see how it goes 🙂 |
|
Sebastian
August 23, 2023 at 11:59 am
|
Great, speak soon! |
