The MU forums have moved to WordPress.org

Allow users to add new users, but not above their role (4 posts)

  1. johndeery
    Member
    Posted 14 years ago #

    Hello everyone,

    I'm looking to expand my current mu install to allow teachers in our schools to add users to their blogs. A few of our teachers are in the elementary grades, so they want to be able to add users that may not have email addresses.

    Now, I know how to hack it so that they can use their email for multiple accounts. What I'm wondering is this: Right now when they create a new user, it asks for their role. The highest rank I've given any user is Editor, as I do not want them to have access to certain functions. But when they get that drop-down, it will allow them to create a user with admin access.

    Is it possible to change this behavior so the drop down will check and see what kind of access they have and make that the top level they can create at? IE, if someone is an author rank and I want to go into their profile and grant them "Create User" rights (via the role manager plugin), I'd like that dropdown to only display the ranks of:

    Author
    Contributor
    Subscriber

    and so on. Not looking for someone to do it for me, just want to know if it's possible and maybe a direction to look in (before I start hacking this thing to bits and pieces)

    Thanks!

  2. dsader
    Member
    Posted 14 years ago #

    The list of roles available is "pluggable" since WP2.8

    /wp-admin/includes/user.php

    Has a filter on the editable_roles.

    I googled and found what appears to be a Role Manager Security Patch fixing what you describe from early July/09.

    http://forum.wordpress-deutschland.org/plugins-und-widgets/55577-autor-darf-nur-bestimmte-benutzergruppen-hinzufuegen.html

    Looks like a plugin to do what you are after - Checks caps of the logged in user before displaying the list of "remaining roles" available.

    I do not use Role Manager, you'll need to look at the plugin author's page for status of this patch.

    Using what I found there, I could use the following to simply remove the Administrator as an option unless the SiteAdmin is editing the user

    <?php
    function ds_filter_editable_roles($roles) {
    // Only SiteAdmin can promote any user to a blog Admin
    	if(!is_site_admin()) {
        foreach ($roles as $role => $details) {
                    unset ($roles['administrator']);
                    break;
        	}
        }
        return $roles;
    }
    add_filter('editable_roles', 'ds_filter_editable_roles');
    ?>
  3. dsader
    Member
    Posted 14 years ago #

    <?php
    // Only SiteAdmin can promote any user to a blog Admin and Editor
    function ds_filter_editable_roles($roles) {
    	if(!is_site_admin()) {
        foreach ($roles as $role => $details) {
                    unset ($roles['administrator']);
                    unset ($roles['editor']);
                    break;
        	}
        }
        return $roles;
    }
    add_filter('editable_roles', 'ds_filter_editable_roles');
    ?>
  4. johndeery
    Member
    Posted 14 years ago #

    Perfect, thanks so much!

About this Topic

  • Started 14 years ago by johndeery
  • Latest reply from johndeery