admin visibility problem at careerplan.commons.gc.cuny.edu
Joseph Hill reports:
I work for the Office of Career Planning & Professional Development. We're having a problem with the backend of our site (https://careerplan.commons.gc.cuny.edu/). On our user page (https://careerplan.commons.gc.cuny.edu/wp-admin/users.php), administrators can no longer see each other. For example, on my user page (see attachment), I am the only administrator listed even though there are at least four other users with this top editing permission. Additionally, we can no longer change a user's role to administrator--the option simply no longer exists in the drop-down menu.
We noticed this problem shortly after activating the Yoast SEO plugin, so I uninstalled the plugin to see if the administrators would reappear. However, this didn't resolve the problem, which makes me believe that that plugin installation was unrelated to our problem.
I'm not an admin there so I can't see it.
#1 Updated by Boone Gorges about 2 years ago
- Status changed from New to Reporter Feedback
I've confirmed the issue.
It's being caused by the User Role Editor plugin. This plugin appears to do lots of weird stuff on WordPress Multisite, hiding various bits of functionality from site Administrators who are not also Network Administrators. The 'Administrators' tab on the Users panel is one example of this. The plugin also hides itself from the Plugins list, and hides its Settings panel. Note to self: there's a flag URE_ENABLE_SIMPLE_ADMIN_FOR_MULTISITE, but this isn't enough - you have to ensure that Admins are granted the ure_manage_options cap.
It looks like I might be able to modify some of the plugin's default behavior to make it possible for site admins to manage URE settings properly. But presumably there's a reason why the plugin behaves this way in the first place (eg I'd have to be careful not to allow site admins to grant themselves network caps). So before I make the change, I'd like to understand better how the plugin's being used on the site in question. Could you ask the reporter whether the plugin was recently activated? Are the plugin's features being actively used? In other words, did the user who originally activated the plugin then make changes to modify the default user roles?
I have a hunch that on this site, and on all other sites on the Commons where this plugin is activated, the site admin is unable to configure the plugin for the reasons described above - which means that it's not really a useful plugin for anyone on the Commons (except perhaps network admins). If this hunch is correct, we should probably remove it. CCing Ray in case he's got experience with the plugin.
#2 Updated by Marilyn Weber about 2 years ago
At this point, I'd prefer to try simply deactivating the plugin entirely.
I have no idea why the User Role Editor plugin was activated, nor do I know what it would be used for on the site. It's possible that it was activated as a work-around to something, but since we can't access the Settings panel, I can't imagine that it's of much use.
Can you remove it for him?
#5 Updated by Boone Gorges about 2 years ago
- Target version set to 1.15.13
The way the plugin works, it's not possible for regular administrators to disable it. (Cool feature!) I have disabled it myself.
In https://github.com/cuny-academic-commons/cac/commit/477347681e1d281adb5a1bebb1adc93c569b3b4a, I've disabled the plugin from being activated on Commons sites. This change will be live on the Commons after 1.15.13 release.
Fewer than 10 sites on the Commons are using this plugin, and as suggested above, it's likely that it's not actually working for any of them. Given this, I think it's probably okay to remove without going through a bunch of outreach - since it's non-operational for non-super-admins, site admins won't notice it's gone. Matt, can you confirm this before I do it?
#7 Updated by Boone Gorges about 2 years ago
- Status changed from Reporter Feedback to Resolved
The plugin is removed in https://github.com/cuny-academic-commons/cac/commit/ef9fae49c67996cf65f072d95b5abfba7f9c3627, and in https://github.com/cuny-academic-commons/cac/commit/d41986cf64502d9f4ca44f2ecac9862c2264252a I removed the exclusion from the blacklist (no longer needed).