As mentioned previously, I installed the User Permissions Plugin (version 0.8.4) so that I could control who gets to read my more personal posts.  The plugin was working great until I realized that it was denying access to posts that it should not be.

First I had to figure out how to debug WordPress plugins.  I first tried the wp pear debug plugin but I could not figure out how to get it to output anything.  Later I realized it was making things worse because for some reason it cleared all the roles from the current user.  Then I found the WiPeD debug plugin which was simple to use.

After many hours of debugging I determined that the problem was an incompatibility between the User Permissions Plugin and the Yet Another Related Posts Plugin (YARPP).  The problem was that if a public post had at least one related post that was protected the User Permissions Plugin would redirect the user away from the public post.

The simple solution was to not redirect if the post that is protected is not the post being displayed.  The trick was finding the post ID but fortunately this article, Retrieve and Get WordPress Post ID Outside the Loop as PHP Variable, turned out to be immensely helpful.

It turns out there are three different ways to get the post ID.

  1. global $wp_query;
    $post_id = $wp_query->post->ID;
  2. global $post;
    $post_id = $post->ID;
  3. global $id;
    $post_id = $id;

Using this information I modified user.permissions.php in the User Permissions Plugin source and now this plugin works happily with YARPP.  Here are the modifications I made.  I sent these modifications to the plugin author, John Godley.

***************
*** 90,109 ****
  {
    if (!empty ($posts))
    {
!           global $current_user, $id;

!           foreach ($posts AS $idx => $post)
      {
        $permissions = Permissions::get ($post->ID);
        if ($permissions && $permissions->can_read ($current_user) == false)
        {
!               if (is_single () || is_page ()) {
!                 if (empty($id) || $id == $post->ID) {
!                   $permissions->redirect ();
!                 }
!               }
          else
!                 unset ($posts[$idx]);
        }
      }

--- 90,106 ----
  {
    if (!empty ($posts))
    {
!           global $current_user;

!           foreach ($posts AS $id => $post)
      {
        $permissions = Permissions::get ($post->ID);
        if ($permissions && $permissions->can_read ($current_user) == false)
        {
!               if (is_single () || is_page ())
!                 $permissions->redirect ();
          else
!                 unset ($posts[$id]);
        }
      }
Share

6 Responses to “Getting User Permissions to work with YARPP”

Chip Camden wrote a comment on June 10, 2009

Glad you liked my simple debugger, and thanks for the mention!

Community Modder wrote a comment on August 28, 2009

Hi, I would like to hear more about the problem experienced with the wp-pear-debug plugin. Maybe it is something we need to be looking into while updating it.

seonghuhn wrote a comment on August 29, 2009

Hi Community Modder,
Thanks for asking about my problems with the wp pear debug plugin. It’s been awhile since I worked with it but what I remember was that although I was logged in as an administrator whenever I enabled this plugin the other plugin never recognized I was an administrator.
Thanks,
Frank

Community Modder wrote a comment on August 30, 2009

That is very interesting. Can you post a link to the plugin which could not recognize you as an administrator? The debug plugin does nothing but reads the user’s role from the user object so I found it strange that you said it erased permissions. The other thing is I was thinking if it really had that effect then it should not affect only one plugin but rather the entire system. This one mean that you would not be able to perform administrative duties as admin.

There is now a new version of the plugin (v1.4). It has cleaner more commented php5 style code and makes use of new hooks. The main thing is now the plugin is completely wrapped in its class. This means it has no code in the global space that could potentially cause a conflict.

seonghuhn wrote a comment on August 30, 2009

The plugin which did not recognize me as administrator is user permissions.

http://wordpress.org/extend/plugins/user-permissions/

It is quite possible that the new version of the plugin won’t cause these problems but since I am not having problems with user-permissions anymore I won’t need to test your new version. :-)

Thanks for checking in and helping out. I didn’t expect this kind of personal service. :-)

Community Modder wrote a comment on September 6, 2009

I am always open to ideas that could help improve the plugin.

Care to comment?