Idle Session Logout (ISL) Custom User Roles

Home Forums BulletProof Security Free Idle Session Logout (ISL) Custom User Roles

Tagged: ,

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • August 9, 2016 at 11:13 am #30550
    Truthmonger
    Participant

    New to the plugin, but loving it so far! I’ve got a quick question, though:

    We’re using BPS on a WooCommerce site. As you may or may not know, WooCommerce creates a couple of custom user types beyond the normal WordPress ones (such as the Customer user role, for instance). Is there a way we can configure ISL timeouts for those roles?

    Thanks!

    August 9, 2016 at 12:01 pm #30551
    AITpro Admin
    Keymaster

    Idle Session Logout uses the WP user_level DB values to determine which user/user level ISL settings apply to instead of using the user’s Role (Administrator, Editor, etc).  So if WooCommerce creates this example custom user type:  WooUserTypeExample and the user level for this custom user type is 1 then using the ISL Contributor setting should be equivalent to the WooCommerce custom user type.

    Administrator user level = 10
    Editor user level = 7
    Author user level = 2
    Contributor user level = 1
    Subscriber user level = 0

    August 9, 2016 at 12:22 pm #30552
    Truthmonger
    Participant

    Thanks for the quick reply!

    It was my understanding that the user_level values were completely deprecated as of WP 3.0. How does it continue to function properly without levels?

    August 9, 2016 at 12:39 pm #30553
    AITpro Admin
    Keymaster

    user level values were not removed entirely.  What changed was that Roles and Capabilities are now used instead: https://codex.wordpress.org/Roles_and_Capabilities#User_Levels  at some point we will probably switch to using capabilities instead of user level since it is still flexible unlike using literal Roles.

    Or maybe a better approach would be to add an additional option in ISL to allow adding custom Roles.  This works fine when someone wants to change manual BPS settings and add additional custom Roles, but would not work at all for other things that are automated.  For automated things in BPS that are currently using user level values (maybe 2 or 3 things) the best solution would be to use capabilities for flexibility.

    User Levels

    Prior to version 2.0, WordPress used a user User Levels system. This was replaced in version 2.0 with the much improved and more extensible Roles and Capabilities system you see today. To maintain backwards compatibility with plugins that still use the user levels system (although this is very much discouraged), the default Roles in WordPress also include Capabilities that correspond to these levels. User Levels were finally deprecated in version 3.0.

    September 15, 2016 at 3:57 pm #30953
    AITpro Admin
    Keymaster

    As it turns out “capabilities” does not work since there is an overlap in capabilities for Roles so “Roles” needs to be used instead.

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.