Control access to user created posts so only post creator can view the post

Hi...

I'm trying to make something that works like a web-application, and I'm trying to use Membership to do so... maybe you have some suggestions on how I could do this?

Here are the details:

I have a wordpress site built using Pagelines, (http://pagelines.com) Gravity Forms and Toolset (http://wp-types.com/) and WPMU's Membership plugin

I used Toolset's plugins Types and Views to create and display a custom post type called "Strategies".

I am using a tool that is part of "Toolset" from wp-types.com called "CRED" - I used CRED to make the form at:

http://branded.wpengine.com/thefrontend

This form allows users to create these custom "Strategy" posts.

I plan to use Gravity Forms and the Gravity Forms User Registration addon to allow users to register for a wordpress account.

Finally, I was hoping I could use WPMU's "Membership" plugin to control access to the form at /thefrontend, but also control access to individual posts that are created:

The feature I want, that I can't seem to create, is to control access to the "Strategy" posts that are created, so that any post is only viewable (readable) by the user who created it.

http://branded.wpengine.com is the site

You can visit:

http://branded.wpengine.com/thefrontend to see a simple form where users can create a new "Strategy" post.

This is an example of the post that is created:

http://branded.wpengine.com/strategy/distill/

I want to control access to this so that only the user that created it can see it. Even better, would be if there was some way that the creator of the post could add additional users that are allowed to view or view & edit the post.

  • Jack Kitterhing

    Hi there @Distill

    I hope you are well today and thank you for your question.

    I have taken a look at the site and I believe the best way to protect the form would be using a URL group rule, are you using positive or negative rules?

    If you add a new URL group and put the URL as http://branded.wpengine.com/thefrontend/

    Then add the URL group rule on a access level it will then block that from being reachable by everyone :slight_smile:

    With the posts, there isn't a way to do that out of the box that I'm aware of, as the problem is, we don't know what the URL is until it's published and that would mean every member would need their own subscription with their own set of rules, if that makes sense?

    Thank you!

    Kind Regards
    Jack.

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.