Forms

@noelawill – I’m assuming your making restrictions in the settings page, and there are rules for forms.

First, those are not rules we are familiar with, so either another plugin has written custom code to add those, or my more realistic guess is that WP Forms is using post types to store their forms, and for whatever reason have not marked them private. Our condition system automatically generates rules for every non-private post type.

But those rules are applied during rendering of the page on the front end via normal the_content and template_redirect filters/actions.

I’m assuming they woulnd’t use those to render forms.

Our other plugin Popup Maker is similar though marked private, we use post types, but not the normal rendering stuff of WP.

Likely those targeting options shouldn’t be there.

@danieliser thank you very much for the explanation, I suspected as much.

Do.you have any ideas how I could control user access to forms in this case without resorting to displaying the form in a post?

@noelawill – I mean if your comfortable hacking your own solution in PHP I might be able to point you to some of our functions that could be used to manually check a specific restriction set as a condition to another filter. I haven’t confirmed it would be doable, but worth a shot.

That is you could theoretically filter the forms rendering methods (not familiar with those, you’d have to consult their docs), and not render it if that restriction set were to fail.

Thank you Daniel unfortunately i’m not as capable just yet but I do have the support of someone who probably could do that.

Hi @noelawill

We’re sorry for the delayed reply.

Glad to hear that you have someone who can help you.

Let us know if they need something from us or if you have any questions.

Thank you!

If you could point me to the functions that @danieliser mentioned?

@noelawill – Sorry for the delay.

Ok so this is the code we use to redirect a page that they don’t have permission for.

https://github.com/code-atlantic/content-control/blob/master/classes/Site/Restrictions.php#L30-L34

You might be able to hack that into a filter of whether the form should render or not, but I’m honestly not sure how to tie that to the form post type properly so my guess is that directly wouldn’t be the solution.

That said if you made a new restriction that didn’t target content, but set the user permissions properly, you could theoretically duplicate our restriction check code, choose that restriction by index and skip the “content_check”

https://github.com/code-atlantic/content-control/blob/master/classes/Site/Restrictions.php#L48-L67

$restrictions = JP\CC\Options::get( 'restrictions' );

$restriced_content = false;

if ( ! $restrictions || empty( $restrictions ) ) {
	return $restriced_content;
}

// first one in list I believe currently, in future they will have actual IDs.
$restriction = $restrictions[0]; 

$is_restricted = \JP\CC\Is::access_blocked( $restriction['who'], $roles, array( 'context' => 'content_restrictions' ) );

if ( $is_restricted ) {
  // do stuff or don't.
}

Hope that helps, you’ll have to hack it into your stuff from there, but it should work in theory.