PriMoThemes — now s2Member® (official notice)

This is now a very OLD forum system. It's in READ-ONLY mode.
All community interaction now occurs at WP Sharks™. See: new forums @ WP Sharks™

Roles versus Capabilities

s2Member Plugin. A Membership plugin for WordPress®.

Roles versus Capabilities

Postby PseudoNyhm » June 24th, 2011, 10:21 am

I'm sure this is correct (not a bug), but it was a point of confusion for me. Please note that I am just starting to get familiar with how Roles and Capabilities are managed in WordPress and by s2Member. I'm writing this to (a) explain what I've found for others, and (b) seek some expert clarification.

Scenario: WordPress installed with s2Member, with two users: admin (and Administrator) and user (a registered "Free" Subscriber).

When user is logged in, I can use the following shortcode to test access level (as expected):
Code: Select all
[s2If current_user_is(s2member_level0)] ... [/s2If]


The s2Member documentation implies that WordPress Administrators, Editors, Authors, and Contributors have Level 4 access, with respect to s2Member. I expected that current_user_is(s2member_level4) would return true when admin is logged in. This is not the case. Instead, the correct check is:
Code: Select all
[s2If current_user_can(access_s2member_level4)] ... [/s2If]


The admin has the capability to access_s2member_level4 but does not actually have the role of s2member_level4.

One point of confusion is that user is a Subscriber (roll), but current_user_is(s2member_level0) still works. I expect this is because s2Member does something to take over the role assignment of Subscriber (and others?), so current_user_is('subscriber') is functionally equivalent to current_user_is(s2member_level0) (in all cases?). What is the most reliable/correct call to make?

Any expert insight into this conclusion is appreciated. Even though this is probably obvious to those more familiar with WordPress Roles/Capabilities, I'd recommend a short blurb somewhere in the docs (unless I missed it). Overall, now that I (think I) understand, I'm really making quick progress developing a paid member site; s2Member is really impressive.
User avatar
PseudoNyhm
Experienced User
Experienced User
 
Posts: 79
Joined: June 19, 2011

Re: Roles versus Capabilities

Postby Cristián Lávaque » June 24th, 2011, 12:09 pm

You see, the free level already existed in WordPress as Subscriber, but since it's a level of access and s2Member added 1 to 4 as well, 0 was added as a synonym to Subscriber. This way the default role is still there for compatibility, but the new name makes sense with the new level roles for the incremental access. At least that's how I understand it, and it makes sense in practice.

Now, current_user_is('s2member_level0') will only be true with someone actually at Level 0, not above, so it can't be used to check if someone is logged in. For that you'd either check current_user_can('access_s2member_level0') or is_user_logged_in().

Your observation about Level 4 access is correct.

PseudoNyhm wrote:I'm really making quick progress developing a paid member site; s2Member is really impressive.


I'm glad you're liking s2Member, thanks for the kudos! Jason really is doing an awesome job with it.
Cristián Lávaque http://s2member.net
Is s2Member working for you? Please rate it Image at WordPress.org. Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Roles versus Capabilities

Postby PseudoNyhm » June 24th, 2011, 12:26 pm

However, I find that when logged in as admin (with WordPress Administrator role), calling current_user_is('s2member_level0') returns true. My understanding is that the Administrator role has access to level 0, but should not resolve as actually being exactly level 0.

Is Administrator special (does it actually show up as being all rolls)? What am I misunderstanding? Is this an s2Member behavior or a WordPress behavior?
User avatar
PseudoNyhm
Experienced User
Experienced User
 
Posts: 79
Joined: June 19, 2011

Re: Roles versus Capabilities

Postby Cristián Lávaque » June 24th, 2011, 12:56 pm

I'll ask Jason about this. I think it may be more related to the level 0 than the administrator role. If you do current_user_is('s2member_level1') as an admin, does it also return true?
Cristián Lávaque http://s2member.net
Is s2Member working for you? Please rate it Image at WordPress.org. Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010

Re: Roles versus Capabilities

Postby PseudoNyhm » June 24th, 2011, 1:36 pm

Thank you for looking into this, and my apologies. This is embarrassing, but I'll own up to it: I had an unclosed [/s2If] near the top of my logic. It was only a couple statements, but I should have created a more isolated test case. (I guess I've grown soft using languages with compilers that check syntactical correctness for me.)

I think most of what I originally stated was still accurate, but this clears up that final point of confusion. When the developer's logic is correct, an Administrator does not resolve as a Level 0 ... in fact, not even as a Level 4: current_user_is(s2member_level4) returns false for admin. The capability check must be used current_user_can(access_s2member_level4).

There is still some subtlety there, which can be confusing to new users (more so if PHP and shortcodes are not your native tongue).
User avatar
PseudoNyhm
Experienced User
Experienced User
 
Posts: 79
Joined: June 19, 2011

Re: Roles versus Capabilities

Postby Cristián Lávaque » June 24th, 2011, 1:39 pm

Thanks for the update. :)

Yeah, we're looking into ways to make the plugin even simpler for new users. Thanks for the input!
Cristián Lávaque http://s2member.net
Is s2Member working for you? Please rate it Image at WordPress.org. Thanks! :)
User avatar
Cristián Lávaque
Developer
Developer
 
Posts: 6836
Joined: December 22, 2010


Return to s2Member Plugin

Who is online

Users browsing this forum: Exabot [Bot] and 0 guests

cron