Hi. We set up membership levels using s2Member Pro and then used User Role Editor to associate different custom capabilities with each membership level. These custom capabilities are not named using the “access_s2member” format. They are named things like “basic_access”. We tried to use the “Require Custom Capability” field on the page editor screen to allow access only to people with the “basic_access” capability, but the page is still inaccessible to memberships that contain that custom capability. Is this due to the naming convention or am I doing something else wrong?
"Require Custom Capabilities" w/ User Role Editor capabilities
You are not supposed to include the phrase access_s2member in a custom capability (ccap), so there’s no problem with your naming convention.
I suspect that the problem is that you have also protected these posts or pages so that they are accessible only to those with a specific role. If so, they will be accessible only to users who have BOTH that role (or above) AND the ccap.
Hi, Tim. Thanks for responding.
We’re currently only using the custom capability to block off the pages. However, in our testing, we’ve tried using just the custom capability, just the membership level, and both. None of them worked. As soon as we set anything in the s2Member settings box, pretty much everyone except admins are blocked from the page.
I also checked the “Restriction Options” section. One of the pages we were testing was there so we removed it, but the other test page was not listed and we’ve still had the same problems with both.
I can think of three other things to check:
-
Make sure you have set a Membership Options Page.
-
Turn off all caching, including at server level.
-
Check for a plugin conflict, particularly a security plugin or one that makes changes to the
.htaccessfile.
I think the problem is, that at the shown form s2M expects to check “own” ccaps. Means, the ccap should have “access_s2member” in the DB. But these have not…
There is a way, but needs some coding. Use this hack, create your own check function, and protect the content on page with [s2If] conditionals and your checking function.
Tim:
-
We already have a Membership Options Page set.
-
All caching should be turned off. I’ll have to double check and make sure it’s turned off at the server level as well.
-
We’ll check for plugin conflicts and see how that goes.
Thanks for the suggestions, Tim.
Krum:
Thanks for responding. I might be understanding this wrong, but it looks like the implementation of that solution is through s2if conditionals, which I can already use to block off content on the page with all of the custom capabilities I have created (i.e. s2If current_user_can(basic_access). I was hoping to be able to use the S2Member settings box on the page to take advantage of the auto-redirect function that sends people to the Membership Options Page if they don’t have access. Using your hack, would there be a way for me to achieve this same functionality (securing an entire page for a specific custom capability and redirecting everyone else to the Membership Options Page)?
I think the problem is, that at the shown form s2M expects to check “own” ccaps. Means, the ccap should have “access_s2member” in the DB.
I re-tested setting up the custom capabilities using the access_s2member_ccap_ naming convention and Krum was correct. That fixed it. I tested it before, but I think I still had a level assigned which caused it not to work.
I can use whatever naming convention I want for using custom capabilities in the s2if conditionals, but the content restriction box looks like it requires the access_s2member_ccap_ prefix. I’m just going to have to go back through and recreate all of the custom capabilities to include it. Thank you both for all you help.
The ccap box does not need that prefix. The prefix is used in PHP code. There is a difference.
The problem was simply that you were assigning a level somewhere too.
That’s weird because adding a custom capability as shown in my screenshot didn’t work, but creating a new test capability named “access_s2member_ccap_a” worked perfectly. I checked everywhere I could think of that I could have a level assigned (widget, Restriction Options) and neither of those were set for the pages in question.
I tested it before, but I think I still had a level assigned which caused it not to work.
This was referencing the time I tested the “access_s2member_ccap_” naming convention. Sorry for not being clear on that. No level was assigned when testing the other custom capabilities.
If I could use my current custom capabilities (without “access_s2member_ccap_”), that would be great as I wouldn’t have to go through the site and update all of the shortcodes we have already added, but I still can’t get those capabilities to work with the ccap box. If it were a plugin conflict, then I would assume it still wouldn’t work even when testing the “access_s2member_ccap_” capabilities.
All the testing I’ve done seems to point to the naming convention being the problem, but I’d love any other suggestions for getting the ccap box to work using my existing capabilities.
You can look at the Knowledgebase to confirm what I am saying. You can also check through this forum to confirm it.
But I don’t need to do either. I use ccaps without that prefix and they work perfectly.
I’m not trying to tell you you’re wrong. Obviously, it works for you or you wouldn’t be telling me it works, but it’s not working for me and I have no idea why. And I can’t think of a reason it would work with the access_s2member_ccap prefix and not other custom capabilities unless the ccap box requires it. I wasn’t trying to be antagonizing. I am honestly asking for any other suggestions you might have that would help me figure out why this isn’t working for me.
OK, it didn’t seem like you had accepted that.
My point is you have something else going on, and so you need to work out what that is.
I can’t see what other plugins, theme, code, server settings, etc you have, so I can only guess. You need to deactivate everything else and then see what’s left. Do you have any mu-plugins, for example? Or something in your theme?
@JustinG, with [s2If conditions] you can check for “s2M generated” ccaps (those with “access_s2member_ccap_” prefix). You try to check “foreign” ccaps, which are “legit” with WP, but not with s2M (no “access_s2member_ccap_” prefix). My hack allows you to build your own check, that will be able to check “foreign” ccaps. Hope that helps.