Ask your WordPress questions! Pay money and get answers fast! Comodo Trusted Site Seal
Official PayPal Seal

Problem with a plugin permissions... Please Help! WordPress

  • SOLVED

Ok, I found a plugin I need to modify which is pretty easy, but I'm stuck on a permissions issue between roles.

The plugin works fine when logged in as an Administrator, but when the role is set to an Author the plugin states you don't have permission to view the page.

I know it's simple, but I'm missing it somewhere.

Here's the code for the plugin. It makes a custom dashboard page for wordpress.

Here's also the URL if you need to full plugin. https://github.com/Buooy/wp-custom-dashboard


<?php
/*
Plugin Name: WordPress Custom Dashboard BoilerPlate
Plugin URI: https://github.com/buooy/wp-custom-dashboard
Description: WordPress Plugin BoilerPlate to create a custom dashboard
Version: 0.1.2
Author: Aaron Lee
Author URI: http://buooy.com
*/
/*******************************************************
* Classes *
*******************************************************/
class wp_custom_dashboard {
// Variables
protected $plugin_url;
protected $image_url;

protected $parent_slug = NULL;
protected $page_title = "Dashboard";
protected $menu_title = "Dashboard";
protected $capability = "read";
protected $menu_slug = "dashboard";

// Standard Constructor
public function __construct()
{
$this->plugin_url = plugin_dir_url( __FILE__ );
$this->image_url = $this->plugin_url.'dashboard/img/';

add_action('admin_menu', array( $this,'wp_set_dashboard') );
add_action('load-index.php', array( $this,'wp_redirect_dashboard') );
}
// add the dashboard to the WordPress
public function wp_set_dashboard()
{
$page_hook_suffix = add_submenu_page( $this->parent_slug,
$this->page_title,
$this->menu_title,
$this->capability,
$this->menu_slug,
array( $this,'wp_create_dashboard') );

// Enqueues the script and the styles
add_action( 'admin_init', array($this, 'custom_dashboard_admin_init') );
add_action('admin_print_scripts-'.$page_hook_suffix, array($this, 'custom_dashboard_admin_scripts'));
add_action( 'admin_print_styles-'.$page_hook_suffix, array($this, 'custom_dashboard_admin_styles') );
}

// Enqueues the admin scripts and styles
public function custom_dashboard_admin_scripts()
{
wp_enqueue_script( 'custom-dashboard-script' );
}
public function custom_dashboard_admin_styles()
{
wp_enqueue_style( 'custom-dashboard-style' );
}

// Initiate the admin custom dashboard
public function custom_dashboard_admin_init()
{
wp_register_script( 'custom-dashboard-script', $this->PLUGIN_URL.'dashboard/js/script.js' );
wp_register_style( 'custom-dashboard-style', $this->PLUGIN_URL.'dashboard/css/style.css' );
}

// Creates the dashboard. Look at dashboard.php to change the dashboard look
public function wp_create_dashboard()
{
// WordPress Administration Bootstrap
require_once( ABSPATH . 'wp-load.php' );
require_once( ABSPATH . 'wp-admin/admin.php' );
require_once( ABSPATH . 'wp-admin/admin-header.php' );

// Custom Dashboard
include_once( 'dashboard/dashboard.php' );

}


// Redirects the user from the default dashboard to the custom dashboard
public function wp_redirect_dashboard()
{
if( is_admin() ) {
$current_screen = get_current_screen();
if( $current_screen->base == 'dashboard' )
{
wp_redirect( admin_url( 'index.php?page='.$this->menu_slug ) );
}
}
}

}
/*******************************************************
* Create new class *
*******************************************************/
$wp_custom_dashboard = new wp_custom_dashboard;
?>

Answers (6)

2015-03-15

Dbranes answers:

Replace

protected $parent_slug = NULL;


with

protected $parent_slug = 'index.php';

or use <em>add_dashboard_page()</em> instead (just a wrapper for add_submenu_page with the index.php as the parent slug)

This adds a visible sub admin menu item in addition to the "Home" submenu item. You can easily remove the "Home" item with

remove_submenu_page( 'index.php', 'index.php' );

inside the <em>admin_menu</em> callback. Then you could consider using instead:

protected $menu_title = "Home";


---

Another approach would be to replace:

wp_redirect( admin_url( 'index.php?page='.$this->menu_slug ) );


with:

wp_redirect( admin_url( 'admin.php?page='.$this->menu_slug ) );


and replace:

protected $parent_slug = NULL;


with

protected $parent_slug = 'admin.php';

But this will not show your submenu items under "Dashboard".

---

Note that there are other bugs in the plugin:

a) It uses

$this->PLUGIN_URL


but should use

$this->plugin_url

b) It is missing an <em>exit</em> after the redirect and I would use the <em>safe</em> redirect instead.

So replace:

wp_redirect( ... );


with

wp_safe_redirect( ... );
exit();


Armand Morin comments:

This worked perfectly.

The problem was...

protected $parent_slug = NULL;

One I replaced with index.php everything worked thanks.


Dbranes comments:

Glad to hear it worked for you @Armand Morin

2015-03-15

Navjot Singh answers:

The line

if( is_admin() )

in function wp_redirect_dashboard() is responsible.


Navjot Singh comments:

You might wanna change it to is_user_logged_in().


Armand Morin comments:

Yes, I thought so too, but I tried and it didn't work.

2015-03-15

Hiro Hito answers:

Hi,


add an exclamation mark before the is_admin to fix this


// Redirects the user from the default dashboard to the custom dashboard

public function wp_redirect_dashboard()

{

if( !is_admin() ) {


Armand Morin comments:

Yes, I tried that, but then the dashboard doesn't show in the admin. So the plugin doesn't work.

2015-03-15

Arnav Joy answers:

You see this function


// Redirects the user from the default dashboard to the custom dashboard

public function wp_redirect_dashboard()

{

if( is_admin() ) {

$current_screen = get_current_screen();

if( $current_screen->base == 'dashboard' )

{

wp_redirect( admin_url( 'index.php?page='.$this->menu_slug ) );

}

}

}

In this there is

if( is_admin() ) {

This causing the problem


Armand Morin comments:

Yes, I thought so too, but still get the error even if remove the whole if statement wrap.

2015-03-15

Glenn Tate answers:

I think it's a conflict with something else as the plugin is not verifying the users capabilities. I'd disable all other plugins and try it alone and if that does not work try a default theme.


http://codex.wordpress.org/Function_Reference/is_admin

This Conditional Tag checks if the Dashboard or the administration panel is attempting to be displayed.<strong> It should not be used as a means to verify whether the current user has permission to view the Dashboard </strong>or the administration panel (try current_user_can() instead). This is a boolean function that will return true if the URL being accessed is in the admin section, or false for a front-end page.




current_user_can( $capability, $args )



http://codex.wordpress.org/Function_Reference/current_user_can

2015-03-15

Bob answers:

have you tried this plugin
[[LINK href="https://wordpress.org/plugins/sweet-custom-dashboard/"]]https://wordpress.org/plugins/sweet-custom-dashboard/[[/LINK]]

[[LINK href="https://wordpress.org/plugins/client-dash/"]]https://wordpress.org/plugins/client-dash/[[/LINK]]

here is tutorial which for sweet custom dashboard plugin
http://www.wpexplorer.com/how-to-wordpress-custom-dashboard/