@PC was helping me with this issue on Live Chat this morning, and I am moving over to the Support Forum.
I have a question about membership permissions for some roles. I have my website setup to allow a specific type of membership access levels/roles to view the profile of other access levels/roles for support purposes. I call it the Support role.
I am concerned for the access levels/roles that should NOT could play with the URL and guess the ID number or Username of another user and enter it into the end of the URL and see that user's profile.
Is there anything I can do with positive rules, negative rules, or URL groups, or anything else in the Membership plugin that could allow users of specific access levels/role to NOT see other user profiles, and if they were to play with the URL to try to guess another user's ID or username they would be directed to a "this content is protected" page if they did?
So I want one level to have access to all of them and others not to have access to any of them.
I was thinking about using URL Groups with Regular Expressions. However, my problem is that when users login, they go to their permalink profile automatically, which is either be http://www.example.com/profile/ID or http://www.example.com/profile/USERNAME
So if I protect the http://www.example.com/profile/ URL using Regex, it would disable all access to profiles by other users, which means that specific Support role would not be able to see other users' profiles.
Is there any way around this? Or am I out of luck?