Restricting Child Content

  • Resolved Bradley Pirman

    (@bradley-pirman)


    8 years, 6 months ago

    I was very frustrated by this option [“Restrict Access to Content and Sub Content”] and here’s why:

    I created seven pages. One parent and 6 children.

    I installed your plugin

    Visited parent page and chose: “Restrict Access to Content and Sub Content”

    I began testing. I could still view the child pages as public access.

    after half an hour of tinkering, I decided to edit all of the child pages. Once I edited and Updated each of the children, the option worked as expected.

    I assumed that restricting the parent page with that option would restrict the children as well but it looks as though all child pages must be “touched” in order for the option to work.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Matt Watson

    (@mwtsn)

    Thanks for the feedback. I’m not sure what’s happened here as pages do not usually need to be ‘touched’.

    I’ll take a look and see if I can make amendments.

    Hi Matt,
    I am also getting same error. When i set parent page access and then create sub page , other user role still see sub page content. This may be due to the meta tag ‘_mkdo_rcbr_admin_roles’ gets set for child and has access to all roles.

    I saw first time that this meta tag was not set for sub pages and these sub pages were not getting displayed to other role.

    Please inform if you get to fix this.

    `
    //I updated the following function to make it work for me doing more testing

    public function save_meta_box( $post_id ) {

    global $wp_roles,$post;

    // If it is just a revision don’t worry about it
    if ( wp_is_post_revision( $post_id ) ) {
    return $post_id;
    }

    // Check it’s not an auto save routine
    if ( defined( ‘DOING_AUTOSAVE’ ) && DOING_AUTOSAVE ) {
    return $post_id;
    }

    // Verify the nonce to defend against XSS
    if ( ! isset( $_POST[$this->nonce_key] ) || ! wp_verify_nonce( $_POST[$this->nonce_key], $this->nonce_action ) ) {
    return $post_id;
    }

    // Check that the current user has permission to edit the post
    if ( ! current_user_can( ‘edit_post’, $post_id ) ) {
    return $post_id;
    }

    $all_roles = array_keys( $wp_roles->roles );

    $mkdo_rcbr_admin_roles = isset( $_POST[‘mkdo_rcbr_admin_roles’] ) ? $_POST[‘mkdo_rcbr_admin_roles’] : array();
    $mkdo_rcbr_restrict_admin_sub_content = isset( $_POST[‘mkdo_rcbr_restrict_admin_sub_content’] ) ? sanitize_text_field( $_POST[‘mkdo_rcbr_restrict_admin_sub_content’] ) : ‘content’;
    $mkdo_rcbr_admin_override = isset( $_POST[‘mkdo_rcbr_admin_override’] ) ? sanitize_text_field( $_POST[‘mkdo_rcbr_admin_override’] ) : null;

    foreach ( $mkdo_rcbr_admin_roles as &$role ) {
    $role = sanitize_text_field( $role );
    }

    // If we are not overriding, get rid of the overrides
    if ( ! empty( $mkdo_rcbr_admin_override ) && ‘override’ != $mkdo_rcbr_admin_override ) {
    $mkdo_rcbr_admin_roles = array();
    $mkdo_rcbr_restrict_admin_sub_content = ‘content’;
    }

    $checked_roles = array_diff( $all_roles, $mkdo_rcbr_admin_roles );

    $checked_roles[] = ‘administrator’;

    if ( ! empty( $post->ancestors ) ) {
    foreach ( $post->ancestors as $parent ) {
    $parent_mkdo_rcbr_admin_roles = get_post_meta( $parent, ‘_mkdo_rcbr_admin_roles’, true );
    if ( ! empty( $parent_mkdo_rcbr_admin_roles ) ) {
    $is_restricted_by_parent = true;
    $parent_id = $parent;
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/
    $parent_mkdo_rcbr_restrict_admin_sub_content = get_post_meta( $parent, ‘_mkdo_rcbr_restrict_admin_sub_content’, true );
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/
    break;
    }
    }

    }else{

    if($_POST[‘parent_id’]){

    $check_ancestors = get_post_ancestors( $_POST[‘parent_id’]);

    if($check_ancestors){

    foreach ( $check_ancestors as $parent ) {
    $parent_mkdo_rcbr_admin_roles = get_post_meta( $parent, ‘_mkdo_rcbr_admin_roles’, true );
    if ( ! empty( $parent_mkdo_rcbr_admin_roles ) ) {
    $is_restricted_by_parent = true;
    $parent_id = $parent;
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/
    $parent_mkdo_rcbr_restrict_admin_sub_content = get_post_meta( $parent, ‘_mkdo_rcbr_restrict_admin_sub_content’, true );
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/
    break;
    }
    }
    }else{
    $parent_mkdo_rcbr_admin_roles = get_post_meta( $_POST[‘parent_id’], ‘_mkdo_rcbr_admin_roles’, true );
    if ( ! empty( $parent_mkdo_rcbr_admin_roles ) ) {
    $is_restricted_by_parent = true;
    $parent_id = $_POST[‘parent_id’];
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/
    $parent_mkdo_rcbr_restrict_admin_sub_content = get_post_meta( $parent_id, ‘_mkdo_rcbr_restrict_admin_sub_content’, true );
    /*get parent meta value for _mkdo_rcbr_restrict_admin_sub_content*/

    }
    }

    }

    }

    if($is_restricted_by_parent == 1){

    update_post_meta( $post_id, ‘_mkdo_rcbr_admin_roles’, $parent_mkdo_rcbr_admin_roles );
    update_post_meta( $post_id, ‘_mkdo_rcbr_restrict_admin_sub_content’, $parent_mkdo_rcbr_restrict_admin_sub_content );
    update_post_meta( $post_id, ‘_mkdo_rcbr_admin_override’, $mkdo_rcbr_admin_override );

    }else{
    update_post_meta( $post_id, ‘_mkdo_rcbr_admin_roles’, $checked_roles );
    update_post_meta( $post_id, ‘_mkdo_rcbr_restrict_admin_sub_content’, $mkdo_rcbr_restrict_admin_sub_content );
    update_post_meta( $post_id, ‘_mkdo_rcbr_admin_override’, $mkdo_rcbr_admin_override );
    }

    }

    Plugin Author Matt Watson

    (@mwtsn)

    Thanks @praveen33, I’ll push your code into the next release.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Restricting Child Content’ is closed to new replies.