Revoking reading capabilities for custom post types

  • Resolved Daniel Ellipsis

    (@daniilicicellipsis)


    6 months, 2 weeks ago

    I’m trying to revoke reading capabilty for some of my roles to some of the custom post types I have, using the Capabilities plugin.

    This is where I expected to find that option: https://tppr.me/CVOUrN, but there’s only Read Private option.

    I’m aware that everyone, even non-users have Read rights, and I solved that with Permissions plugin, by limiting reading rights to all non-loggedin users.

    Now, among logged in ones, I want to define which role has access to which CPT.

    I get that I could use Permissions plugin to do so, but I have multiple Roles and multiple CPTs, and Permissions plugin allows me only to set reading limit to “none” for each of the CPTs (https://tppr.me/LK51a8), and the problem with that is when the new post is added to that CPT, it’s not included in the list of posts my Role doesn’t have access to. Meaning I have to manually go to Permissions settings and set reading limit to “none” each time a new post is published. And that’s just tiresome when you have 3-4 different roles with combination of 3-4 CPTs.

    To get to the point, my question is – what’s the best approach to limiting Reading access for some of the Roles to some of the CPTs?

    And somewhat connected question – is there a better way to revoke Reading access to all non-logged in users?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support Riza Maulana Ardiyanto

    (@rizaardiyanto)

    Hi @daniilicicellipsis

    Thanks for your question.

    WordPress does not have read_posts or read_pages permissions, and it only have read_private_posts or read_private_pages. That’s why you will not be able to limit them using PublishPress Capabilities.

    And your current solution already correct, which is using Limit – None from PublishPress Permissions. If the new post is not automatically added, then it sounds like a bug.

    I created a GitHub issue on it so our developer can fix it in the future release: https://github.com/publishpress/PublishPress-Permissions/issues/1106

    Thanks,

    Plugin Author Kevin Behrens

    (@kevinb)

    @daniilicicellipsis @rizaardiyanto For your goal of blocking access to new pages by default, there is no need to save a separate Specific Permission for each individual page. The “Limit to” modification does not represent a list of posts that are blocked. It’s a “restrictive whitelist” that narrows whatever access the user may otherwise have. Limit to “none” means the user’s access is narrowed down to nothing for the specified post type and operation. That restrictive whitelist can be expanded from an empty set by adding specific posts alongside the “none” entry.

    So setting a Specific Permission of “Read” – “Limit to” – (none) causes Pages to be unreadable to the role by default. You would then need to assign a Specific Permission to make a new page readable, not to make it unreadable.

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.