Non logged in users can access a category page though the CPT is set to private

Dieser Thread wurde gelöst. Hier ist eine Beschreibung des Problems und der Lösung.

Problem:
Non logged in users can access a category page though the CPT is set to private

Solution:
You can use the pre_get_posts action hook to disable the taxonomy term archive.

You can find the proposed solution in this case with the following reply:
=> https://toolset.com/forums/topic/non-logged-in-users-can-access-a-category-page-though-the-cpt-is-set-to-private/#post-1799989

Relevant Documentation:
=> http://jboullion.com/disable-taxonomy-archive/

This support ticket is created vor 3 Jahre, 6 Monate. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

No supporters are available to work today on Toolset forum. Feel free to create tickets and we will handle it as soon as we are online. Thank you for your understanding.

Sun	Mon	Tue	Wed	Thu	Fri	Sat
-	10:00 – 13:00	10:00 – 13:00	10:00 – 13:00	10:00 – 13:00	10:00 – 13:00	-
-	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	-

Supporter timezone: Asia/Kolkata (GMT+05:30)

Tags: Types plugin

This topic contains 2 Antworten, has 2 Stimmen.

Last updated by nelsonT-2 vor 3 Jahre, 6 Monate.

Assisted by: Minesh.

Author

Artikel

Oktober 4, 2020 at 1:14 am #1799011

nelsonT-2

Hi,

I have created a CPT with a taxonomy and created roles in Access. Three of the roles I have set are "President/Secretary" and "Concil members".

In Access, I have set the CPT to be only access by the members of those two groups (all access for "President/Secretary" and Read only access for "Concil members).

If I access the "page" from a private window, I can see the title, but not the content (I used a Content template)... I honestly was expecting to see a 404 page error, since that's what I putted in the settings... But it's not the worst...

I created a menu (only visible for people of those two groups, thanks to the "IF menu" plugin). In it I putted links to the different categories (my taxonomy) of documents. With great surprise, if I copy/paste the url (site/category/category-term) I can see all the elements of that category... If I click on it, I arrive on the previously mentioned page... Should that page lead to a 404 page (or at least be empty or similar) since the user don't have access to that content?

So, basically, what I would want is that if we copy/paste either the category URL or the post URL itself, it both leads to a 404 page.

Thank you,
Nelson

Oktober 5, 2020 at 9:39 am #1799989

Minesh

Supporter

Languages: Englisch (English )

Timezone: Asia/Kolkata (GMT+05:30)

Hello. Thank you for contacting the Toolset support.

The URL you are saying (site/category/category-term) is actually a taxonomy archive.

You should try to add the following code to set the 404 error for taxonomy archive to disable the access using URL.
=> hidden link

Oktober 7, 2020 at 4:33 am #1802471

nelsonT-2

Thank you Minesh.

By default, the code you pointed me to disable the taxonomy for everyone (including admin). Since I wanted to allow it for some roles and not for other, I had to combine it with some other code, but it worked.

Here's the final code (that I added in the Toolset settings):
function jb_disable_tax_archive($qry) {

if (is_admin()) return;

if (is_tax('categorie-de-document')){
$user = wp_get_current_user();
$allowed_roles = array( 'administrator', 'president_secretaire', 'membre_du_conseil' );
if (! array_intersect( $allowed_roles, $user->roles ) ) {
$qry->set_404();
}
}
}

In case it can help others...
Nelson

This ticket is now closed. If you're a WPML client and need related help, please open a new support ticket.