Folder ownership

  • Resolved Barry Brunning

    (@datastream)


    3 years, 7 months ago

    Hi Wicked Folders Pro,

    An administrator had created folders prior to the Permissions enhancement. Now it appears that if a role’s only permission for a post type is ‘Create folders’ the folders they see are only theirs. Makes sense. There’s an implied ownership.

    However, we have folders created by an administrator prior to the Permissions enhancement. The user who would have created that folder after the Permissions enhancement cannot see that folder because it belongs to admin or maybe no one by default (I assume). Is there a way to assign the folder to the user as if they had created it?

    Thank you,
    Barry Brunning

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author wickedplugins

    (@wickedplugins)

    Hi Barry,

    Yes, you can assign the folder to the user by editing the folder and selecting the user from the “Owner” dropdown.

    If you have a lot of folders that need to be assigned and are comfortable with SQL, you could write a query to insert a record into the wp_termmeta table for each folder term that doesn’t have a wf_owner_id meta key.

    I hope this helps!

    Thread Starter Barry Brunning

    (@datastream)

    Thank you. Obvious really.

    Thread Starter Barry Brunning

    (@datastream)

    Hello WF Support,

    Successfully assigned folders to owners on a localhost system. Now trying to repeat on the live site https://www.datastream.world. Unfortunately, all I’m seeing is a ‘Searching …’ message.

    It’s happening on Posts as well, so not just Products. There’s only about 30 users registered.

    Any suggestions please? Happy to provide a staging site if that’s useful.

    Thank you,
    Barry Brunning

    Plugin Author wickedplugins

    (@wickedplugins)

    Hi Barry,

    It sounds like access to the API endpoint that lists users is possibly being blocked. Do you have a security plugin installed on the live site that could be blocking the endpoint?

    Thread Starter Barry Brunning

    (@datastream)

    Yes. Wordfence.

    If one goes to: All Options/Firewall Options/Brute Force Protection – Additional Options – Uncheck: Prevent discovery of usernames through ‘/?author=N’ scans, the oEmbed API, the WordPress REST API, and WordPress XML Sitemaps and then Save Changes, then Wicked Folders finds the users.

    Wordfence recommends keeping this option enabled. However, the WordPress opinion seems to be different. See Why is the REST API enabled by default?

    Since we have strong passwords and 2FA we should be secure.

    Thank you,
    Barry Brunning

    Plugin Author wickedplugins

    (@wickedplugins)

    Glad you were able to track down the cause Barry. If I can help with anything else, let me know.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Folder ownership’ is closed to new replies.