[Membership 2 Pro] Page showing "Permission denied"

I have a page with a form created with Toolset (WP-Types). I also have a membership (one level, name of membership is "test":wink:. I have a CPT called "Project" and I have configured the membership "test" to access this CPT. The CPT is also configured to allow the user role "test" to access the CPT and the form that allows to create new posts from the front end.

Now, with Membership 2 deactivated, all is fine, when the plugin is active, only the administrator can access the page with the form to create posts. Users in the group "test" see Permission Denied.

Am I missing any setting?

  • Ashik
    • Staff

    Hi Mindustries,

    Thank you for your question. Hope you're doing well today.

    Can you please grant support access for us? So, we can take a look into your dashboard and solve the issue. Please visit this link https://premium.wpmudev.org/docs/getting-started/getting-support/#chapter-5 and follow the instructions.

    Let us know once it's granted. Cause we don't get any notification about it. Looking forward to hearing from you.

    Regards,
    Ashik

  • Ashik
    • Staff

    Hi Mindustries,

    Thank you for granting support access. Hope you're doing well.

    You're using Toolset to create and manage all of your posts (custom and default). The Toolset plugin has an Access Control option from where you can set posts privacy and control user behavior on default posts or CPT. Under Access Control option there are some settings that actually controlling the above error what is in your question. Needs to modify the settings. To do so go Dashboard > Toolset > Access Control > Choose your post type and follow this below screenshots

    The below screenshot will show what can a user do based on their role. You can modify it as needed.

    This below screenshot will describe how you can manage privacy for a default post or CPT. Upon click on the Pen symbol (edit) you'll be able to control what type of error message a user will see.

    Please review the settings and customize it as your own. Let us know specifically if none of above not enough to clarify the things. I'll try to bring some more examples

    Feel free to reply here if you've any more questions or concerns. Have a great.

    Regards,
    Ashik

  • Mirko G.
    • WPMU DEV Initiate

    Hi Ashik,

    thank you very much for taking the time to look into this in such depth.
    I am not sure what you are pointing out is the answer to my problem though.

    The message in question is coming out when visiting the following page: https://projectplan.me/wp-admin/post.php?post=61&action=edit

    The page is managed by Membership 2 that should allow access to users in the Membership group "Early Birds":

    Pages are not managed by Toolset Access:

    And I get the "Permission Denied" message when visiting that page with a user who is included in the membership "Early Birds":

    Please also note that everything works fine if I deactivate Membership 2.

    Thanks!

  • Ashik
    • Staff

    Hi Mindustries,

    Thank you for clarifying the things and sorry for the misunderstanding.

    I do believe the page content access managed by Membership 2 and I can see there is no problem with that to show a general text or media after login with my Membership 2 ID. Check the attached screenshot.

    The text "No Access Denied" is a general text that I've placed before the form shortcode, and it's appearing fine after login. But we're getting the error only for the Toolset Post Forms. Toolset Post Forms access manage by Toolset Access. Though I've review Toolset Form Access settings but didn't find anything wrong. Now I think 2 possible reasons can happen there.

    1. Something missing with the Toolset Access Settings.
    2. Conflicting issue between Toolset Access security and Membership 2 security

    In this situation, please do a check debug.log file under WordPress site root > wp-content on your host. If any error found in the file, please upload the file as a .txt file with your reply here.

    Also, send your site cPanel/FTP access for further investigation. Please, don't leave your login details on this ticket. Use our contact form here https://premium.wpmudev.org/contact/#i-have-a-different-question by following this below template.

    Subject: "Attn: Ashikur Rahman"

    Site login:
    WordPress site login URL -
    WordPress admin username -
    WordPress admin password -

    - cPanel/FTP credentials (host/username/password) port -
    - Link back to this thread for reference
    - Any other relevant URLs

    IMPORTANT: Please make sure you've select "I have a different question" for your topic. So, it doesn't go back to the forum. The subject line ensures that it gets assigned to me.

    Please confirm here that you sent those credentials.

    Feel free to reply here if you've any more questions or concerns. Looking forward to hearing from you.

    Regards,
    Ashik

  • Ashik
    • Staff

    Hi Mindustries,

    Thank you for pointing the right area. I'll escalate this to our SLS (second level support) team for more deeper investigation. But before that, I would request you take a look at this thread https://premium.wpmudev.org/forums/topic/protected-content-toolset-wp-typescom-cred-form-protected-content-hides-form and try if there anything missing with the user role.

    Also, contact with CRED form support team if possible and they can help. Let us know the update. So, we can take the next step as needed.

    Feel free to reply here if you've any more questions or concerns. Have a great day.

    Regards,
    Ashik

  • Ashik
    • Staff

    Hi Mindustries,

    Thank you for sending the required info. Hope you're doing well today.

    This issue has been escalated to our SLS team. They will investigate it and try to find out a solution for you. They might delay to respond here as they are working with this kind of complex issues. So, I expecting your patience until they back to this thread.

    I've asked for login details though, but somehow it's missed. So, please extend support access time to 5 days at least. Click on EXTEND button to extend the time. Check the screenshot.

    Feel free to reply here if you've any more questions or concerns. Have a great day.

    Regards,
    Ashik

  • Panos
    • SLS

    Hi Mindustries !

    Apologies for taking so long to get back to you. This issue doesn't seem to be related to Membership rules. I see you mentioned that when you deactivate Membership plugin you don't have this issue, but I think it is possible you checked with an admin user. I double checked on your site, and this message appears for user wpmudev2 (Subscriber) even when Membership plugin is deactivated.

    I downloaded the Toolset and cred-frontend-editor plugins and there seems to be some permissions check, but I'm not familiar with these plugins so I haven't found the culprit. What I did see is that there is a filter that is used, so to always allow access :
    add_filter( 'toolset_forms_current_user_can_use_post_form', '__return_true', 9999 );
    The above will allow access to post forms. Not recommended though as it overrides the permissions settings. I have tried this filter on your site, I have placed it in file :
    wp-content/mu-plugins/toolset-permission.php
    If you want to test it, open that file and un-comment the line. This should display the post form for Subscribers on your site, which means that it's not related to Membership plugin.

    Perhaps you can ask Toolset support to give an indication of where to look.

    Kind regards!

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.