How do I allow wp-admin access for custom roles without the edit_posts capability?

Hi,

My site uses custom roles with custom capabilities. I have set the s2 Member > General Options > Member Profile Modifications > Yes (redirect to Login Welcome Page; locking all /wp-admin/ areas).

This works as expected, except my custom role cannot access the wp-admin backend. I understand that the edit_posts capability is required to access wp_admin. If I grant the custom role the edit_posts cap they can access wp_admin, but I do not want this role to have that capability.

I found this post by a lead developer in an old thread from 2013. https://www.s2member.com/forums/topic/redirect-members-redirects-adminstrators/ I followed the instructions, but this code no longer seems to work.

Does anybody know how to change the default min. capability that s2 member requires for wp-admin access?

Thanks so much,
Jay

Screen Shot 2017-04-06 at 9.07.36 .png1403×809 105 KB

I would expect that you need to change ['user'] in this code so that the numbers refer to the ID(s) of the user(s) to whom you wish to give this capability.

Thanks for your help, Tim.

So I tried this in my functions.php

  add_filter('ws_plugin__s2member_login_redirect', 's2_login_redirect', 10, 2);
function s2_login_redirect($what_s2_says, $vars = array())
	{
		$user = $vars['user'];
		
		if($user->has_cap('list_users'))
			return TRUE;
			
		return $what_s2_says;
	}

where list_users is the capability of the custom role that should be able to access the wp-admin. The admin bar still gets replaced with the pared down s2 Member version and they still get kicked back to the profile page.

Does anyone know of a way to make it work with current_user_can( $capability , $object_id ); ?

Why have you changed the conditional? You are actually returning true for everyone.

Have you changed the numbers as I suggested?

I tried both TRUE and FALSE, just to see if either would take. Even set to TRUE, admins (and every role with the edit_posts cap) can access the admin area, all others can’t.

Changing the numbers had no effect either.

The only thing that works is giving my custom role the edit_posts cap (which I don’t want). So I’m pretty sure this is not a plugin or theme issue.

How about this?

<?php
function my_custom_login_redirect( $redirect, $vars = array() ) {
	$current_user = wp_get_current_user();
        
	if ( $current_user->has_cap( 'list_users' ) ) {
		return false;
	}
}
add_filter( 'ws_plugin__s2member_login_redirect', 'my_custom_login_redirect', 10, 2);

Nope. Same thing.

I tried using a different capability as well (read_private_posts). In the admin bar, on the left, I have the +New menu and the site link next to that. Selecting any of the sub menu items in +New (for example Media, which the user role has the permissions for) redirects to the Welcome Login page.

I really appreciate you trying to help though

Hmm, how about trying it the other way round?

In other words, turn off s2Member’s redirect and use, e.g., Peter’s Login Redirect plugin to set up redirects for specific roles as required?

I hadn’t thought of that! Thanks for the tip!

Although I’ll admit, I’m not a huge fan of installing (yet) another plugin and depending on it for a core functionality of my site. I generally really like the way s2 Member secures the admin area-it works great for my members-I just wish it was easier to customize who gets locked out and who doesn’t (not every user belongs either to a membership level or to a standard wordpress role with editing capabilities). So, while I’m sure this could work, using a third-party plugin seems more like workaround than a solution to me.

If my suggestion works (I haven’t tried it), I think your fears are misplaced. Installing another plugin is not a problem at all if that plugin is well-coded.

There is no limit to the number of well-coded plugins you can use on a site. But one badly-coded plugin can break the whole site.

If you have turned off the s2Member redirect, then it’s just using the default WP functionality, which can then be filtered by a different plugin. That’s not a work-around. That’s how WP is meant to work.

As you can probably tell, I’m new to wordpress and I don’t want to start out with a site full of plugin dependencies that I have to keep updated.

But you’re right, a well-coded (and maintained) plugin might be a solution. My site heavily relies on BuddyPress as the default login/profile member hub (with groups that tie into bbpress and an LMS). I’ll have to see if that plugin plays as nice with BP as s2 Member does.

Just in case anybody runs into the same problem, I thought I’d share the solution I have decided to use (at least for now).

• Enable s2Member redirect, locking all admin areas

• Give custom user role the edit_posts capability (so they can access wp-admin)

• Prune admin bar for all users except admin with the following function in your child theme functions.php

  function remove_admin_bar_links() {
    global $wp_admin_bar, $current_user;
    
    if ($current_user->ID != 1) {
    $wp_admin_bar->remove_menu('wp-logo');          // Remove the WordPress logo
    $wp_admin_bar->remove_menu('about');            // Remove the about WordPress link
    $wp_admin_bar->remove_menu('wporg');            // Remove the WordPress.org link
    $wp_admin_bar->remove_menu('documentation');    // Remove the WordPress documentation link
    $wp_admin_bar->remove_menu('support-forums');   // Remove the support forums link
    $wp_admin_bar->remove_menu('feedback');         // Remove the feedback link
    $wp_admin_bar->remove_menu('updates');          // Remove the updates link
    $wp_admin_bar->remove_menu('comments');         // Remove the comments link
    $wp_admin_bar->remove_menu('dashboard');        // Remove the dashboard link
    }
  

  }
  add_action( ‘wp_before_admin_bar_render’, ‘remove_admin_bar_links’ );

If this throws up unexpected problems, I might still give your plugin idea a try, Tim Thanks for the help!

Try this:

add_filter(‘ws_plugin__s2member_login_redirect’, ‘s2_login_redirect’, 10, 2);
function s2_login_redirect($what_s2_says, $vars = array()) {
$user = $vars[‘user’];
if($user->has_cap(‘list_users’) and !is_admin()) return TRUE;
return $what_s2_says;
}

Thanks for the suggestion, Krum, but that filter still blocks the admin back end for the custom role. Just to make sure, I pasted your code in the s2-hacks.php file (which resides in the folder wp-content > mu-plugins), not in the child-theme functions.php.

The potential problem I see with my workaround is that anyone with the custom role who somehow gets to the posts screen (although the menu does not show up in the admin back end) could theoretically still edit posts. Am I right?

I change the code above, please try again.

I used your updated snippet: [quote=“krumch, post:13, topic:1924”]
add_filter(‘ws_plugin__s2member_login_redirect’, ‘s2_login_redirect’, 10, 2);function s2_login_redirect($what_s2_says, $vars = array()) { $user = $vars[‘user’]; if($user->has_cap(‘list_users’) and !is_admin()) return TRUE; return $what_s2_says;}
[/quote]

Unfortunately, it still does the same thing (redirects to Welcome Login page). If I give the custom role the edit_posts cap, they immediately get through to the wp-admin area.

OK, try to change the “list_users” in user->has_cap('list_users') to your custom capability.

Thanks for the suggestion, but that didn’t work either.

Also, I’m developing locally with MAMP so that could be part of the problem. There seem to be localhost issues with a number of plugins out there.

So to isolate this problem, I’ve decided to start over with a fresh install of WP and an absolute minimum of plugins installed, just in case something got messed up. It may take me a while to report back, though

Hey jay,
have you found a solution yet? i’m facing the exact same issue.

Thansk,
Itamar

Hi Itamar,

Thanks for reminding me to report back.

Unfortunately, I had to abandon s2member as my membership solution.
Still, I never did get this problem solved. Maybe try Tim’s idea of using another plugin to handle the redirect.

Sorry I can’t be of more help.