Ultimate Member and Ajax Search Pro

[zisis19]

Hello Ernest,
I am trying to figure out if there is a slight incompatibility between ajax search pro and the ultimatemember plugin (https://wordpress.org/plugins/ultimate-member/). I am using ultimatemember to create custom user roles which will or won’t be able to see specific content of the site (pages, custom post types etc.). For each page, custom-post-type etc one can define whether ultimatemember will filter the user roles that will be able to see it and also if the page will be searchable. When I set the pages to not be searchable / querable, the default search form of wordpress indeed doesn’t list the page in the search results if the user doesn’t have the correct role. Also custom wp-queries don’t list the filtered pages. However, the ajaxsearchpro search form finds these pages…
As a test, I even created a simple ajax search form to substitute the default wordpress form in the sidebar (you can see the two forms in this page http://kgrp.xquer.com/impressum/). The page Impressum, for test purposes, has been set up to be filtered depending on the user role. So, if you try to search for “Impressum”, you can see the difference between the two search forms.

Is it possible that the ajaxsearchform pro can respect this filter? Is there some code I can add somewhere or a setting I forgot to change?

[Ernest Marcinko]

Hi,

The plugin search query is separate from the default wordpress search, UM plugin probably adds some sort of an exclusion by ID or something similar to the query.
Unfortunately I could not find anything about this in their API, so I’m not sure how to do it, but it definitely requires a custom code. If they have a hook to the current_user_can function, then this code may do the trick:

Try adding this custom code to the functions.php in your theme/child theme directory. Before editing, please make sure to have a full site back-up just in case!

add_filter( 'asp_results', 'asp_filter_posts_by_capability', 10, 1 );
function asp_filter_posts_by_capability( $results ) {
	foreach ($results as $k => &$r ) {
		if ( !current_user_can('read_post', $r->id) )
			unset($results[$k]);
	}
	return $results;
}

If this does nothing, then you might have to ask the UM developers, if there is any programmatical way to check if the user can access a specific post, or to get the restricted post IDs, or get the restriction sub-query (if any). With that information I can recommend a custom code to integrate with.

[zisis19]

Thank you Ernest, I tried the code but didn’t change the result. I will send their support now a question to see if they have such a programmatical way.

[zisis19]

You cannot access this content.

[zisis19]

Goodmorning Ernest,
I think i found in the heir documents the correct fuction. It is called user_can(). https://ultimatemember.com/php-docs/classes/um.core.Access.html#source-view
If you click on the </> Icon, a popup will appear with the code of a template called access.php. In line 179 you can see how they use this function. I think this is what we need?

I tried changing your code into this
add_filter( ‘asp_results’, ‘asp_filter_posts_by_capability’, 10, 1 );
function asp_filter_posts_by_capability( $results ) {
foreach ($results as $k => &$r ) {
if ( !user_can(get_current_user_id(), $restriction[‘_um_access_roles’]) )
unset($results[$k]);
}
return $results;
}
But it just broke the seach results completely… No pages were found regardless their restriction status… When I removed the ! from !user_can(… , then the search results appeared again, of course unfiltered (restricted pages were still shown).

[Ernest Marcinko]

Well, the problem with that code is that the $restriction variable does not exist, thus it gives the error. It is possible, that if that this may actually work, but there is a missing bit to set the $restriction variable. Maybe there is a method that exists that needs to set that first. But even afterwards, I don’t see a comparision to the post ID or object there. I’m not sure if that is the correct one.

[zisis19]

Hi Ernest, here is the answer I got from ultimate members support.

Re: New Support Request: programmatical way to check if the user has access
Hi,

Thanks for getting in touch. You can use following function to check if current logged in user has access to certain page/post, change $post_id to actual ID and you can replace “get_current_user_id()” with any user ID to check this.

function has_access() {

$access = true;
$restriction = get_post_meta( $post_id, 'um_content_restriction', true ); //This array contains all content restriction settings

if ( isset($restriction['_um_access_roles']) ) { //this gives the array of restricted roles

$access = UM()->Access()->user_can( get_current_user_id(), $restriction['_um_access_roles'] );
}

return $access;
}

Do you think you can work your magic with this information? I’d really appreciate it as this filtered search that displays results according to the user role is the heart of the website we are building…

[Ernest Marcinko]

Sure, this is very helful. Based on their suggestion, this should do it:

add_filter( 'asp_results', 'asp_filter_posts_by_capability', 10, 1 );
function asp_filter_posts_by_capability( $results ) {
	foreach ($results as $k => &$r ) {
		if ( $r->content_type == 'pagepost' && !asp_um_has_access($r->id) ) {
			unset($results[$k]);
		}
	}
	return $results;
}
function asp_um_has_access($post_id) {
	$access = true;
	$restriction = get_post_meta( $post_id, 'um_content_restriction', true ); //This array contains all content restriction settings
	if ( isset($restriction['_um_access_roles']) ) { //this gives the array of restricted roles
		$access = UM()->Access()->user_can( get_current_user_id(), $restriction['_um_access_roles'] );
	}
	return $access;
}

[zisis19]

Super, that did the magic!!! Thank you so much.!!!

[Ernest Marcinko]

You cannot access this content.

[zisis19]

Left a 5 star review today. Thanks for the support. Awesome Plugin!!

[Author]

Posts