Problem Roles Privacy

The private setting changes who sees the page, not who can edit the page. Authors can normally edit their own pages any time they please. If you want to prevent that, you could use a roles and capabilities plugin like “Members” to remove the “edit_published_pages” capability from the role.

Hi, thanks for answering. The idea is that the Administrator publishes pages, and those who have the role of Author can only change the privacy of those pages, make it public or private.

Tomorrow I check to see if editing that role I can do it. I’ll tell you to see if it worked. thank you very much. You’re so kind.

Hi @bcworkz. I have tried to remove that permission from the “Author” role, and it is great because I cannot modify the page, but neither does it let me do what interests me, so that the user with the “Author” role can change the page to private or public.

Can you think of any other way?

Oh, I see what you’re after now. I misunderstood who and why the visibility is changed. The visibility setting is tied to the same capability and difficult to separate out. All I can think of is adding a separate UI element that allows changing visibility despite the lack of edit published pages capability. Such as a custom meta box that toggles the setting via Ajax. Custom PHP code always has full capabilities and it’s possible to alter things without checking capability.

It’s not a good UX to have two things doing the same thing where one works and the other doesn’t, but it would be a viable workaround. Even if the custom code does not check for the proper capability, it should at least verify the page being altered is authored by the current user.

First of all thank you very much for your help. I see that it is more complex than I imagined. I will talk to my boss and tell him everything.

A cordial greeting.