Introduce filter to change settings page required capabilities

[aguilar1181]

I have the need to add other administrators since editor access wasn't enough. But I don't want the other administrators to access the settings or log. They could reset the log if they made a mistake. So I want to be the only one with access.

I created a custom capability 'admin_with_log_access' and assigned it to my user ID only. I then used the filter 'aal_init_roles' to allow only myself to see the log, like:

add_filter( 'aal_init_roles', 'my_log_access' );
function my_log_access() {
  return 'admin_with_log_access';
}

That works by restricting other users from accessing the log but not the settings. I looked into the plugin code and I see the required capability to access the settings is 'manage_options'.

Is there a hook where I could change that capability to my custom one? if not, can a new hook be add it?

I tried using 'aal_menu_page_capability' in a similar way as I did above using:

add_filter( 'aal_menu_page_capability', 'menu_only_access' );
function menu_only_access() {
  return 'admin_with_log_access';
}

That did not work due to the fact that the function checks first if the user has the 'view_all_aryo_activity_log' capability and since this returns true then it does nothing further. The filter works well to restrict/control access to the menu page for non-admins, but it doesn't restrict access for sites with multiple admins.

Hope this makes all sense.

[KingYes]

I have this PR about this issue. Can you confirm whether the issue is fixed? https://github.com/pojome/activity-log/pull/205