Security Level for Deleting Records

  • I want to have the person that does “Record Edit Access Level” be the person that can delete records. To that end, it would be helpful to have a third access level setting item so that the access level for deleting records can be set separately from the option items “Record Edit Access Level” and “Plugin Admin Access Level” settings.

    If not an access level setting item for “Able to Delete Records”, is there another way to configure the PDB plugin so that the same person that has “Record Edit Access Level” can also delete records?

    Thanks

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author xnau webdesign

    (@xnau)

    And editor is supposed to be able to delete records, I will need to take a look at that. I’ll have a fix for this in the next update.

    Plugin Author xnau webdesign

    (@xnau)

    Actually, just to clarify, when you’re signed in as an editor, can you delete a record on the List Participants page by selecting a record checkbox, then selecting “delete” in the “with selected” dropdown and clicking “apply”?

    Editors should be able to delete records using this method in current versions of the plugin.

    Plugin Author xnau webdesign

    (@xnau)

    Allow me to correct the last statement I made about editors begin able to delete records. They cannot normally do this. My mistake was forgetting I had my test site set up to allow it.

    Participants Database does have granular control over access privileges through the use of a filter. I have written an article that demonstrates how to set up a filter to allow plugin editors to delete records:

    Allowing Participants Database Editors to Delete Records

    Thread Starter Mike Meinz

    (@mikemeinz)

    Yes, I previously read and applied the “Allowing Participants Database Editors to Delete Records” article.

    My original post above is a request for a new feature: a third access level setting item so that the access level for deleting records can be set separately from the option items “Record Edit Access Level” and “Plugin Admin Access Level” settings. That way, we can use the List Participants page record checkbox, selecting “delete” in the “with selected” dropdown and clicking “apply” to cause a delete. This also gives us the advantage of using the built-in delete confirmation dialog.

    Plugin Author xnau webdesign

    (@xnau)

    The filter code in the article gives you the ability to do this. The two access levels defined in the plugin are just a convenience, you can set up additional access roles if you want.

    If you look at the filter code in the article, it returns a WP capability. You can set this up to return a capability that identifies your third role.

    This comes with a warning, however: it’s complicated because you will need to filter for other access contexts as well: you will need to give this third role the ability to open the list participants page. Take a look at this article on the access contexts the plugin uses, it will help you create this third role with the capabilities it needs.

    Thread Starter Mike Meinz

    (@mikemeinz)

    Thank you for the article on the access contexts. I used that sample as-is to create a plugin to allow a WordPress Editor to delete when in the List Participants dialog.

    I would rather just have a checkbox in your plugin’s Settings page so that no additional programming is required but your example works fine for now.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Security Level for Deleting Records’ is closed to new replies.