Post Access Controller

Initially this was developed for use on my own site to allow proposals I created for clients to live within my WordPress site as a custom post type but one that (even if someone stumbled across the URL) they wouldn’t be allowed to see. But the uses are already going beyond that for me and I’m sure there are many implementations that I haven’t even thought of.

Post Access

Within the edit form for any of your post types (see below for configuration options that will determine which types of posts get this option) there is a new meta box that allows you to indicate what type of access controls you would like to enforce on that post. If you choose “By Individual” then you are given a list of all the current users for that WordPress installation. You can check as many of these checkboxes as you’d like to individually give those users access to that particular post. Similarly you can choose “By Group” from that same drop down and you will be presented with a listing of groups that users can be assigned to for more reusable combinations of users.

User Groups

As mentioned above, each post can have one or many user groups that are given access to a particular post. These groups are maintained through the “User Groups” forms that live within the “Users” menu in the WordPress admin. You can create as many user groups as you’d like and assign users to whichever groups make sense. There is no limit to the number of users within a group and there is no limit to the number of groups a given user can be in. These groups can make this a great tool for websites for organizations that have committees or teams that need access to some information but that information is not public. A user group can be setup and re-used over and over. And then if a member leaves (or is added) it only needs to be maintained in that one group definition rather than adjusting all of your posts.

These admin forms have been built with all the WordPress admin tools and structures so they feel like they are part of WP Core. Easy to browse through, filter results and maintain all of your groups and their members.

Configuration Options

There are just a few configuration options for this plugin available through the Settings menu:

1. You can specify which post types should even have this option on the edit form. This can be nice when there are multiple administrators and authors and only some post types should have this sort of option.
2. There is a place to enter the default access denied message that a visitor would see if they tried to access a post that they were not allowed to see based on the controls setup. This can be overridden within each post but it’s nice to have a default if it’s always going to be the same message you want to tell visitors.
3. To make this fit with your preference on how the edit post form feels you can adjust the location that this new meta box should go to. This is a little generic because of how many options there are for WordPress to layout their admin but you get all the options that WordPress provides for locations on that form.
4. Lastly you can control the “priority” of where that meta box falls in the location you specified. For instance if you put a high priority on something and put it in the “Along Right Side” location then it will be at the top of the right side above the publish box. Any other priority setting for the right side location setting will result in it being below the publish box.

Future Enhancements

Any good plugin will almost always have things that it could do that it doesn’t right now. Rather than keeping those internal it seems like a good idea to put them out there for discussion or at least so you know what might be coming. That way if this plugin looks like it does almost what you’re doing but you know it’s going to do all of what you need in the future you can get on board now. Also please feel free to request features!

• Create a settings page option to limit which users can maintain their own groups. Sometimes users might be subscribers and shouldn’t be able to add themselves to an admin-like group (for instance).
• Add filter/sorting options to the listing of users on the group maintenance page for sites where there are hundreds or thousands of users the current inputs would be difficult and frustrating.
• Add filter/sorting options to the listing of users or groups on the post maintenance page. Even once groups are setup maybe there are lots of groups or some posts just require the setting of users individually. The current method of sorting just by name might get majorly time-consuming on sites that have lots of users.
• Add logic to the post maintenance page to make sure that at least one user or group has access to the post

Have an idea? Submit it using the Support menu option and I’ll let you know about getting it added!