Access for nobody if no access group selected?

Hi,

All of this is complex and interacts with WP general filters behavior.

Often problems comes from the particular status of what is named “visitor” which is in fact “not login in”.
Then in your question “nobody” has access means necessarily anybody “not logged in”.

Your solution can be to disallow access to your site from whom is not registered ?
Another solution is to create a role for “not loggin in user”, for this see :
Thread about role of “not logged in user” in WP on stackexchange WP

UAM adds filters to the common filters of WP. This means that WP core sends to UAM filter arrays of elements (post, page, menu…) and the UAM suppress from the array the elements which don’t answer “true” to the query.
This means that UAM adds exclusions to the current accesses defined by roles in WP. UAM doesn’t redefine the basic roles and capabilities what does the plugin “Groups”.

best regards

Trebly

Hi,

The previous post had been got from old notes from a wrong study.

The error can be summarize by in WP a visitor is not a user

A “not logged in user ( is_user_logged_in() == false)” is a non-user is saying that the object user doesn’t exist, then it cannot have any admin declared role and capability.

Nevertheless UAM could be modified to hold a “pseudo user for visitor” and activate a filter when a user-user group is attached to a uam-visitor role (a standalone role used only by uam) and “is_user_logged_in() == false”

This can answer to the question : how to filter with uam access to elements (WP objects) by a not logged in user.

Note that semantically “not logged in user” is a non sense because if “not logged in connected to a WP internet site ” user is not a user for WP (no object user attached).
This is the origin of the study error which was considering that a visitor was a “not logged in” user, wrong proposal which was meaning that “logged (true or false) was an attribute of the user” . In WP a visitor is a “no” user… a visitor is not a user

Sorry for previous erroneous discussions.

Best regards

Trebly

Thanks a lot, Trebly!

I want to set up a blog for friends and family. I would use another plugin to make it fully inaccessible to the public, i.e. the blog has only logged-in users. Then, I would like to differentiate between two groups, “family” (can read everything) and “friends” (can read only some selected posts). This can perfectly be achieved with UAM. The only thing is the risk that I simply forget to check the “family” checkbox and then this post is readable by any logged-in user (e.g. also by “friends”).

Hi,

You should (I have not tested) use the two plugins combined :

1. Restricted Site Access
2. UAM

As I explained the mechanism of access control of “not logged in” and “registered” is completely different. So UAM cannot alone provide a solution.

Restricted Site Access will allow to define who you accept (i.e. by IP) and who you refuse (several way to check identitiy), if you refuse first (not identifiable) who try to connect, he will be redirected to the login page.

Best regards

Trebly

Hi,

Some complements.

• The “visitor” commonly not logged-in “user” has in current version an ID==0. This means that there is a quite empty object. Then test is_user_logged_in() or $current_user->ID==0 or current_user->login==” is the same.
• UAM when parameters define exclusion of any object not attached to a userusergroup with a role will necessarily show nothing to a visitor and redirect him to “access refused” anyway.

  I don’t understand how current users of UAM can function with this features.

  I developed a patch which allow s to attach a role (default uam-visitor) to a visitor. Then it become possible to define capabilities of visitor and use UAM to exclude objects to the view.
  As it is simple there just one role accepted with fixed name “uam-visitor”.

  This is an answer to the first question here.

  Best regards

  Trebly