Hide restricted content from menus

[nemchik]

I have noticed that using this plugin when I use the content restriction options to limit certain pages for example to only be seen by admin and editor, all users regardless of role can still see the link to that page in the navigation menu (using built in WP menu editor for my menus in my themes). There is another plugin similar to this one that allows those links for restricted pages to be hidden, but this plugin has more benefits so i'd prefer to fully switch to just this plugin. Could it be possible for this plugin to hide links from navigation menus when the person viewing is not assigned to a role capable of viewing said item?

(I am copying this from my wordpress.org support forum post https://wordpress.org/support/topic/hide-restricted-content-from-menus to github as an issue, it seems to make more sense here)

[nemchik]

To be more specific, https://wordpress.org/plugins/wordpress-access-control/ this is the plugin, and just looking at the php code it seems like it's replacing the menu with a custom menu that handles displaying only the items a particular viewer should have access to. I didn't read into it too much, but that's my impression of first glance.

(this reply is also copied from the wordpress.org support forum post I made)

[justintadlock]

I'd just recommend this plugin: https://wordpress.org/plugins/nav-menu-roles/

The truth is that if I start adding every requested feature like this, the plugin would be unusable. Everyone has their own preferences for what their membership site should do. I could see this being a members add-on, but since there's already a plugin to handle it, I think we should just go with that.

[bruno-barros]

Like @justintadlock sad. I use this plugin too.

[nemchik]

That plugin seems to actually over complicate the intention of what I was getting at with this request. It seems to want the admin to explicitly define whether each menu item should be hidden or visible (and to whom). I haven't installed it yet, but I'll give it a try.

If such a feature were to be considered for addition in this plugin I would think a single check box in the main settings of the plugin that reads something to the extent of "hide menu items from unprivileged viewers" and would only hide menu items if a page had access restrictions defined, and would display the menu items only to those with the access to the page.

Anyway like I said I'll give that other plugin a try before pursuing this request further.

[nemchik]

OK I tried that plugin.

It is capable of hiding menu items, but any such hiding has to be explicitly defined on a per link basis. This really doesn't mesh with the idea behind my request, because to get everything right by using a combination of the two plugins (members and nav menu roles) the admin (me, or whoever) has to define per page which user roles have access to a page, and then define per menu item which roles can see the link to the page, and if these two for some reason don't match the site ends up having users in certain roles that don't see links for pages they should have access to, or the opposite, users who don't have access to a page but still see the link in the menu and all they can get to is the denied access page.

It seems to make more sense to couple these two features together. I can't imagine many scenarios where an admin would intentionally want unprivileged users frequently being directed to the access denied message, unless they are using that as a way to try and get paid memberships by intentionally showing how much content is restricted. Sort of saying "look what you get access to for the price of $membership" or "if you need access to this content you'll have to pay for buy in", which is a legitimate way of doing things I guess. So for that reason I think the check box in settings to enable the feature of hiding menu links from unprivileged visitors makes more sense.

I know not wanting to use the two plugins is semi lazy on my part, but it's also me being protective of handing a WordPress installation over to another admin, because I can't always expect they will take as much care to remember these things.

Another argument against the separate plugin approach is if you have a menu set to automatically add newly created pages to the menu (a default option in the way WordPress handles menus) and you have a user role who can create pages but not edit the menu then they could end up creating a page with restrictions and having the link show up in the menu for everyone to see until someone with menu editing privileges catches the issue and corrects it.

Sorry for such a long rant, but in hoping to clarify my request as much as possible, and I hope you'll consider it.

[justintadlock]

That makes sense. It's pretty much a non-starter for inclusion in Members for me. It might be worth a go as an add-on plugin though.

Honestly, I'd like to break the entire content permissions component off into its own plugin.

[nemchik]

If you were to break the content permissions component into a separate plugin it seems it would actually function very much like the plugin I had mentioned earlier https://wordpress.org/plugins/wordpress-access-control/ but I think the UI you have currently is much nicer than the UI in that plugin. That would also leave the members plugin a bit slimmed down and it would actually look a little more like this other plugin https://wordpress.org/plugins/user-role-editor/

What has drawn me to your plugin is that you seem to have combined the two plugins mentioned above and provided a much nicer UI for the functionality of both. I hope to see that continue. To me the ideas and features of the two plugins mentioned above seem to make sense working together, and your plugin currently does exactly that.

[justintadlock]

There seems to be a bit of a stigma around having multiple plugins. Personally, I have 6 different plugins (including Members) for handling my own membership site. And, I don't use Content Permissions at all. Each plugin handles specific functionality. I also have a bit of stuff built directly into my theme.

This discussion is probably a bit outside the scope of this ticket, but (aside from the UI overhaul), the newest version of Members created several APIs for building add-on plugins. The reason for this is so that other plugin authors and I could come in and build different types of membership features. Because membership sites vary so much, something like Content Permissions only makes sense for some sites. Whereas, some other feature would work better for other sites.

Splitting it off would also mean that I'd be more open to adding new features specific to Content Permissions. Right now, I don't want to add any additional bulk like this to the main Members plugin.

Whatever happens in the future, Content Permissions is going to be in Members for a long time. I'm not looking to overhaul Members any time soon.

[nemchik]

I agree there is some stigma to having multiple plugins. In your case though you have multiple plugins that are mostly designed to interact with each other (if i read your blog correctly). The plugins I have mentioned are not designed to work together. It happens that they do end up working together, but this is mostly because of the fact that they both start from the basis of using the default wordpress user roles.

In my experience the better your plugins work together the easier it is to manage your site and get the desired behavior quicker. This is even more true when there are plugins like yours that provide two different sets of functionality within a single plugin (user roles editor, and controlling access to the site and it's pages) because it's easier to setup and keeps the admin panel from getting overly cluttered by having many individual plugins all having their links in the admin panel. And I wouldn't want to use another plugin to hide links from the admin panel because I want access to the features, but having 2 plugins means 2 links, where having one plugin that offers the features from both of the other plugins means less admin clutter.

I know i'm being nitpicky, and i agree the conversation is surely out of scope. I'm looking at it from a standpoint of "why would I use plugin X vs using plugins Y and Z together" and right now the answer is X offers (almost) everything that Y and Z offer, but if you end up splitting X into V and W, then those two plugins would be roughly equivalent to Y and Z, and there really wouldn't be an X anymore (even if maybe V is actually X without the features of Y). So as an admin deciding which plugins I need to get the desired results for my website I'll take X rather than WV or YZ. Sorry for all the letter confusion, but for the sake of driving the point I think that illustrates it.

I guess my thoughts are if you separate the plugin, the resulting two plugins you ill have after that is done will be nearly identical to two plugins that already exist, but yours might work nicer together and have a better UI.

[justintadlock]

If I were to make Content Permissions an add-on plugin, it'd be pretty seamless. There wouldn't be any additional admin clutter. You'd simply have two plugins with a single admin screen. The only difference would essentially be the difference between ticking the "Enable content permissions" checkbox and clicking "Activate" to activate the add-on plugin.

This is just me thinking out loud though. Realistically, I might build something like Content Permissions Pro with extra features while keeping the base features in Members. I've got several ideas that I'm exploring.

[nemchik]

That idea does make sense. I assume by pro you would be intending to make a paid add-on. I would hope that existing free features wouldn't be removed and placed exclusively in the paid add-on.

Don't get me wrong, I'm not against paid addons, but no user base likes having free features removed in favor of a paid version.

[Aetles]

@justintadlock You might wanna consider adding the recommendation of Nav Menu Roles to the FAQ, for questions about menus. Restricting the menu items was the first thing I was looking for after activating Members. Knowing that it is not part of Members and that the author actively encourage the use of another plugin would be helpful.

[justintadlock]

If this question was more common, I'd probably add it to the FAQ as a recommended plugin for hiding menu items.

I'd really want to explore several alternative plugins for hiding menu items before "officially" recommending a third-party plugin. I don't use that particular plugin; I've just heard good things about it from others.

[nemchik]

To throw my two cents in again; that plugin does work, but it is tedious to configure separately from the access restrictions in the member plugin. Duplicating effort to manage a site seems quite a waste to me.

[m-e-h]

I use that plugin on every install and also wish these two plugins worked seemlesly together. But before we create a new plugin or add more function this one(which is great because of its simpliciy, IMO), maybe we first see if that plugin author is interested in adding some members integration.. I think she'd at least consider it. It's late now and I'm on mobile but I'll drop an issue on that repo tomorrow maybe to ask.

[Aetles]

@justintadlock Seems fair, and you are in a better position to judge if it is a common question or not. I just assumed that most people who restrict access to a page also wan't to know how to disable corresponding menu item (as most pages are part of some sort of navigation).

Regarding the hassle of having to use two plugins, and explaining for the user that they have to change/set up everything twice; isn't that partly because in WordPress pages and menus are two completely separate items, and not connected in any way? Even before I was trying to restrict access this has been a major hurdle when I set up WordPress sites for customers and giving them instruktions on how to administer them. For many people not familiar with WordPress they often have a concept of a 1:1 relationship between menu items and pages.

Still, one plugin that tries to integrate menu and content restriction into a more seamless work flow would be welcome and easier for the end user, no doubt about that.

[klubdergutenseiten-user]

This is an old issue but for those who are wondering, it's actually rather easy to achieve. Add this to your functions.php in your theme to hide menu entries:

/**
 *  Hide protected pages and posts from menu
 */
add_filter( 'wp_nav_menu_objects', 'aid_filter_restricted_pages_from_menu', 10, 2 );
function aid_filter_restricted_pages_from_menu( $items, $args ) {
    $user_id = get_current_user_id();
    foreach ( $items as $item => $obj ) {
        if ( function_exists( 'members_can_user_view_post' ) ) {
            if ( ! members_can_user_view_post( $user_id, $obj->object_id ) ) {
                unset ( $items[ $item ] );
            }
        }
    }
    return $items;
}

[nemchik]

@aleaiacta That seems pretty simple. Any way this might be usable to create a setting in the plugin that could just enable your code? (p.s. I have not tested it, but I'm assuming it does what has been discussed above) edit: I have now tested and confirmed it worked for me.