Skip Navigation
Buy Now

Home Toolset Professional Support [Resolved] Restricted access to CPT based on User roles

[Resolved] Restricted access to CPT based on User roles

This thread is resolved. Here is a description of the problem and solution.

Problem:
I needed to restrict access to my CPT based on User roles, but it didn't work as I expected. I tried to bring the native WordPress "Post" type under Access control, which helped to solve the problem, is it a bug?

Solution:
This is actually not a bug, it works like this because some of access permissions are inherited from built-in WordPress permissions and capabilities. So we can say this is by design and how the Access plugin handles user role permissions.

Relevant Ticket & Solution:
https://toolset.com/forums/topic/access-isnt-granting-access-for-custom-roles/

This support ticket is created 6 years, 2 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun Mon Tue Wed Thu Fri Sat
- 12:00 – 17:00 12:00 – 17:00 12:00 – 17:00 12:00 – 17:00 12:00 – 17:00 -
- 18:00 – 21:00 18:00 – 21:00 18:00 – 21:00 18:00 – 21:00 18:00 – 21:00 -

Supporter timezone: Asia/Karachi (GMT+05:00)

Tagged: 

This topic contains 4 replies, has 2 voices.

Last updated by toolset-dave 6 years, 2 months ago.

Assisted by: Noman.

Author
Posts
#1119195

toolset-dave

Hi,

I needed to restrict access to my CPT based on User roles, but it didn´t work as I expected. If I checked "Edit any", "Edit own", "Preview any" and "Read", the user with these specified permissions could not edit the CPT which was created by anyone else (only the ones the user created). I was trying to set up Custom Roles but nothing helped. Finally I have found https://toolset.com/forums/topic/access-isnt-granting-access-for-custom-roles/ and tried to bring the native WordPress "Post" type under Access control. Which helped to solve the problem. So my question is: Should the Access plugin work like this or is it a bug?

#1119300

Noman
Supporter

Languages: English (English )

Timezone: Asia/Karachi (GMT+05:00)

Hi,

Thank you for contacting Toolset support. This is actually not a bug, it works like this because some of access permissions are inherited from built-in WordPress permissions and capabilities. So we can say this is by design and how the Access plugin handles user role permissions.

Thank you

#1119752

toolset-dave

Thanks for the explanation. But I couldn´t find it in documentation (i.e. here: https://toolset.com/documentation/user-guides/setting-access-control/). So maybe it would be useful to mention that standard WordPress Posts must be managed by Access (in documentation or in plugin). Also its confusing if I have to check "Manage by Access" on my CPT, not to have checked "Same read permission as posts" and also not checked "Use the default WordPress read permissions", but as you said, some permissions are still inherited from WordPress...

#1119973

Noman
Supporter

Languages: English (English )

Timezone: Asia/Karachi (GMT+05:00)

Ok thanks for the feedback, we will review and forward your suggestions to the doc team.

Have a great day, thanks

#1120132

toolset-dave

Thank you!

Known issues and solutions

Frequently asked support questions

Support tickets archive

Get help from experienced contractors

Meet Toolset support team

Toolset Customer Support Policy

Need to tell us something about the quality of support

How to remove personal information from your database for support