Okay
  Public Ticket #1501089
Faculty see each other's courses in the back end
Closed

Comments

  •  1
    fallapart started the conversation

    When faculty members log in to the site, and visit the courses page on the admin side (wp-admin/edit.php?post_type=polytechnic_courses) , they can see and edit each other's courses. I'm assuming they're only supposed to be able to see courses they've created. Is there a setting somewhere that would have allowed this?

    Thanks!

    Ian H.

  •  115
    Charles replied

    Hi Ian H.,

    Yep, I'd do this via the Faculty Role with a child theme - functions.php file, and updating the function add_theme_caps() on line 313. 

    References: https://3.7designs.co/blog/2014/08/restricting-access-to-custom-post-types-using-roles-in-wordpress/

    https://codex.wordpress.org/Roles_and_Capabilities

    You can also do this with a plugin, but it's pretty simple if you just making a slight mod. 

    Let me know if that helps,
    Charles

  •  1
    fallapart replied

    Is it better to copy the whole "function add_theme_caps()" into the child theme's functions.php or just to use a remove_cap for the faculty role and the edit_others_posts function ?

  •  115
    Charles replied

    Good question...

    Functions.php should be pulling from the child theme, and because this is declared there in functions.php, I'd personally start by copying the function and overriding via the child theme.

    I generally would use remove_cap if the function is already registered (via a plugin), although, in a child theme, I'm not sure if it registered the original function, in which case the later would make more sense.

    In short, try the first, if it doesn't work, try the second=

  •  1
    fallapart replied

    So when I declared the add_cap in the child theme's functions.php, I got the following error:

    Your PHP code changes were rolled back due to an error on line 313 of file \wp-content\themes\polytechnic\functions.php. Please fix and try saving again.
    Cannot redeclare add_theme_caps() (previously declared in \wp-content\themes\polytechnic-child\functions.php:41)

    So it looks like WP is trying to load both instances of the add_cap and failing.

    However, when I tried the remove_cap() for edit_others_posts using either

    function remove_faculty_edit_others_posts() {
        // get_role returns an instance of WP_Role.
        $role = get_role( 'faculty' );
        $role->remove_cap( 'edit_others_posts' );
    }
    

    or

    function remove_faculty_edit_others_posts(){
        // $wp_roles is an instance of WP_Roles.
        global $wp_roles;
        $wp_roles->remove_cap( 'faculty', 'edit_others_posts' );
    }
    

    it seemed to have no effect.  Is there a custom post type that I should be removing the capabilities on, or is this an enqueuing order problem?

  •  115
    Charles replied

    A couple of things could be going on here, but if that is the case, I would start by editing the parent theme functions.php function to ensure the caps provided there are what you are looking for. It may be that custom post types are handled differently. I did not declare the capability_type (notice it's commented out below), so my understanding is that it will be managed with standard post caps.

    For example - https://wordpress.stackexchange.com/questions/62985/remove-edit-or-add-facility-for-custom-post-type

    https://3.7designs.co/blog/2014/08/restricting-access-to-custom-post-types-using-roles-in-wordpress/

    The custom post type registered is: 

    function create_polytechnic_course() {
        register_post_type( 'polytechnic_courses',
            array(
                'labels' => array(
                'name' => __('Courses', 'mythology'),
                'singular_name' => __('Course', 'mythology'),
                'add_new' => __('Add New', 'mythology'),
                'add_new_item' => __('Add New Course', 'mythology'),
                'edit' => __('Edit', 'mythology'),
                'edit_item' => __('Edit Course', 'mythology'),
                'new_item' => __('New Course', 'mythology'),
                'view' => __('View', 'mythology'),
                'view_item' => __('View Course', 'mythology'),
                'search_items' => __('Search Courses', 'mythology'),
                'not_found' => __('No Courses found', 'mythology'),
                'not_found_in_trash' => __('No Courses found in Trash', 'mythology'),
                'parent' => __('Parent Course', 'mythology')
            ),
            'rewrite' => array( 'slug' => 'courses', 'with_front' => false ),
            'public' => true,
            // 'show_in_menu' => true,
            // 'capability_type'     => 'polytechnic_courses',
            'map_meta_cap'        => true,
            'publicly_queryable'  => true,
            'menu_position' => 15,
            'supports' => array( 'title', 'editor', 'author', 'thumbnail', 'comments', 'excerpt' ),
            //'taxonomies' => array( 'category' ),  //Adds support for Native WordPress Post Categories
            'taxonomies' => array( 'polytechnic_courses_category' ),  //Adds support for custom Polytechnic Course Categories
            'menu_icon' => /*plugins_url( 'images/image.png', __FILE__ )*/'dashicons-book-alt',
            // 'show_ui' => true,
            'has_archive' => true
            )
        );
    }
    

    From there, once you get the syntax nailed down on the cap function, you can move the function outside of the parent theme. This is getting a bit beyond the scope of support as we are modifying options not included with the theme. If you prefer, you might check out a plugin to manage this like; https://wordpress.org/plugins/user-role-editor/. There are also some cool plugins on Code Canyon that might help with this.

  •  1
    fallapart replied

    All right, I edited the parent theme's functions.php, but I understand that will probably be undone the next time the theme is updated. I'm not sure how to have only one version of the faculty role declared, since it looks like WP loads both functions.php (according to https://codex.wordpress.org/Child_Themes#Using_functions.php anyway).  So I have it working now, but I'm going to have to remember to fix it on every theme update.  I might have to look into the plugin route if updating the theme becomes too onerous.

    Thanks for your help!

  •  115
    Charles replied

    Hi Ian, 

    I had a couple of ideas, you might be able to set the priority of your remove_cap function in the child-theme: https://developer.wordpress.org/reference/functions/add_action/

    Alternatively, you might be able to remove_action in the child-theme, and add your own in the child-theme: https://stackoverflow.com/questions/12539947/how-can-i-change-action-priority-in-wordpress

    Hope that helps,
    Charles