I need to allow access to posts which are created for each role, but any role above that role can see documents for all roles beneath it.
So a trainee level 3 can see level 2 and 1 documents but level 1 can’t see anything above it?
I’m guessing assigning the posts into groups would be the way and assigning roles to each group would work, but this seems messy, especially as I could also perform a conditional php check (it’s a coded website not using views etc) to perform a role check on page load.
Is there an easy way in access to allow this type of post management?
There isn't a way to create a hierarchy of roles in the way you describe, no, each role is essentially a standalone role with capabilities that are independent of any other roles registered.
Adding document posts to post groups and then granting roles permission to view/edit documents in those groups would be the way to go.
I'm not sure it's that messy.
You would create post groups along the lines of "level 3 and above", and set permissions for that group for each role accordingly (deny level 1 and 2, permit other roles).
So there would be a certain amount of set-up, but you'd only have to do it once.
Then it would just be a question of assigning documents to the correct post groups as they are published.
Ie now done this and created all the roles and groups required. Im creating the site without the use of views / layouts and using PHP and JS for customisations.
Looking through the documentation for toolset, I cant seem to find any shortcodes for Access where I can conditionally display posts in my post archive based on the group its assigned to. Can you point me in the right direction for the shortcakes for toolset access so I can display content myself without rewriting accesss control myself
Thanks for the reply. This is not really what im looking for as this would require conditionally checking the user role which I don't need access for.
What im looking for is to get the assigned post group of the current post (thats easy as theres a shortcode - echo do_shortcode ("[wpv-post-field name='_wpcf_access_group']");
That displays the post group the current post is assigned to.
Now I need to check that the current user is in that group and can view this post. This is what I cant find the answer to as there doesn't seem to be any post meta attached to the user showing what group their in, nor a shortcode for getting it? Any ideas, otherwise its a case of bypassing access and manually doing a conditional which is not what id prefer if at all possible
The reason you don't find user meta showing what group they belong to is that users don't belong to groups, roles do (or more accurately, posts belong to groups, and permissions for the posts within the group are determined by role).
My apoligies but im still not understanding how this works, or its not working how I expect.
I have a user with a role of subscriber (its a custom role but the same capabilities)
I have 4 posts, 3 are viewable by subscriber, 1 is only viewable by administrators.
Using the above filter, it doesnt work as it shows that the current user has read permission (which it does globally) but it should show false for one of the posts (the one highlighted in the attached image).
Below is my code
/*Get the user id*/
$user_id = get_current_user();
/*Echo the current group the post belongs to*/
echo do_shortcode ("[wpv-post-field name='_wpcf_access_group']<br>");
/*Get user permissions for this post*/
$has_permission = current_user_can('read');
$has_permissions = apply_filters('toolset_access_api_get_post_permissions', $has_permission, 1, 'read', $user_id, 'en');
/*Spit out the query results*/
var_dump ($has_permissions);
echo '<pre>';
print_r ($has_permissions);
echo '</pre>';
I suggest a slight change to the docs showing one part of the function needs the current post id as opposed to a number (which I now realise is the post id in the example)