[Resolved] Set content read/view permissions based on content creator’s access level

[Author]

Posts

[christineH-9]

I have a custom content type that is created by paid members of our website. I am trying to set the access of that content so that if the creator of that content is down-graded to a basic subscriber, then it is not visible to the public.
I may be able to configure display options within the template to hide content created by basic subscribers. But I would prefer to manage the access restrictions from Toolset.

The closest example that I can find is this support ticket: https://toolset.com/forums/topic/hiding-published-custom-post-if-a-users-membership-has-expired/
But I'm not trying to change the post itself. The published state and access settings of the posts will remain the same. But if the publisher of that content is down-graded to a lower access level, then their content should no longer have Read access by anyone.

I am still in the planning and configuration stages, so I don't have a sample to debug. If this is possible, I would appreciate a point in the right direction.

[Minesh]

Hello. Thank you for contacting the Toolset support.

You can setup the post type permissino based on the role.

Please check the following related Doc:
- https://toolset.com/course-lesson/setting-access-control/#managing-access-control-for-posts-pages-and-custom-post-types

But there is no dynamic way such that when the role is switched or downgraded permissions will be denied.

With Toolset Access - you can define the permission for post type that what role can do what that is it.

[christineH-9]

Thank you for helping me with that.
From what I can tell in the documentation, there are options for who is allowed to create and edit content—and who is allowed to view the content—but there are no options that take the content created by one specific role, and hide it from a different specific role.

In other words, there is no way in Toolset to determine the viewer's read access based on the author's role. Is that correct?

Under Access Control > Custom Roles (advanced mode) > Change permissions > Custom capabilities; how do the Custom Capabilities (see screenshot) work? I don't see any information in your documentation for how to configure this section.

[Minesh]

As you can see:
- https://toolset.com/course-lesson/setting-access-control/#managing-access-control-for-posts-pages-and-custom-post-types

With every role there is read permission - when there is no read permission, that means there is no permission to access that content type.

For example - you can restrict the access to specific page for specific role by creating post group:
- https://toolset.com/course-lesson/restricting-access-to-pages/#create-a-post-group-for-pages-restricted-to-logged-in-users

As per your screenshot there is no custom capabilities there so there is no use of that in your case and it will require custom programming that is beyond the scope of our support policy.

If you can setup a test canse and tell me where exactly you need the help once I reivew your current settings I will be able to guide you in the right direction.

[christineH-9]

Thank you for your reply, but I don't think you have solved my problem yet.
I am attempting to set different read permissions on content based on the author's user role. My end goal is to remove Guest read access to all Member created content, when they are down-graded to a regular Subscriber.

For example:

- Guest users have read access to Events created by a "Member" user role.

- Guest users do NOT have read access to Events created by a "Subscriber" user role.

With access control and post groups I am able to remove Guests read access for all Events, and I'm able to allow Members to create Events... but I don't see how to grant Guest read access to only the Events created by Members.

If this works, I can manage all of the Member generated content access with just ONE access rule. If it doesn't work, then I will have to change every Member generated event, every time a Member changes their user role.

EDIT:
I just ran the API documentation through an AI, and it came up with this function. I believe using this code with the Custom Capabilities will achieve the restriction effect I'm after.

function restrict_guest_event_access( $allcaps, $cap, $args, $user_id ) {
if ( $cap === 'read_post' ) {
if ( isset( $args[0] ) ) {
$post_id = $args[0];
$post = get_post( $post_id );

if ( $post && $post->post_type === 'events' ) {
$author_id = get_post_field( 'post_author', $post_id );
$author = get_user_by( 'id', $author_id );

if ( $author ) {
$author_roles = (array) $author->roles;
//check if author has the professional role
if ( in_array( 'professional', $author_roles) ) {
// Check if current user (guest) has the capability to view professional events
if( ! current_user_can( 'view_professional_events' ) ) {
$allcaps['read_post'] = false;
}

} else {
// Check if current user (guest) has the capability to view general events
if ( ! current_user_can( 'view_general_events' ) ) {
$allcaps['read_post'] = false;
}
}

}
}
}
}
return $allcaps;
}
add_filter( 'user_has_cap', 'restrict_guest_event_access', 10, 4 );

[Minesh]

Yes - you can manage such situation by adding such custom filter.

There is no GUI way to manage that and you will have to add such little extra filter in order to manage your requirement. We can guide you with such code when you have actual working post type and content.