latest stable versions: v150827 (changelog)

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

Inaccurate Role Assignment In s2Member Pro

Home Forums Community Forum Inaccurate Role Assignment In s2Member Pro

This topic contains 10 replies, has 4 voices. Last updated by  Jason (Lead Developer) 4 years, 7 months ago.

Topic Author Topic
Posted: Wednesday May 16th, 2012 at 8:13 pm #13705
Brad
Username: bradjbarton

I am using s2member Pro and have 9 member levels. Everything seemed to be working properly until I created a new admin account (now level 9) for a developer. We have an integration where levels are assigned message credits based upon level and I noticed that the new admin account was credited with the message credits that are assigned to a level 4. Then, I noticed the email notification –

( s2Member / API Notification Email ) – Registration

role: administrator
level: 4
ccaps:
auto_eot_time:

The level 4 in the email is actually inaccurate, as the account does in fact have full admin access. I also use a Special Redirection URL for the login welcome page with each level having it’s own specialized login welcome page. This new admin account accesses the dashboard upon login, but clicking the generic Special Redirection URL lands the new account on the level 9 login welcome page as it should.

I have searched for any possible setting that I might have missed, but I cannot find it.

What is happening with this and how do I correct it?

List Of Topic Replies

Viewing 10 replies - 1 through 10 (of 10 total)
Author Replies
Author Replies
Posted: Thursday May 17th, 2012 at 3:57 am #13739
Raam Dev
Username: Raam
Staff Member

Hi Brad,

It sounds like you’ve made some modifications to s2Member to make it work with your scenario. Could you please share those modifications so we can determine if the problem lies there?

Posted: Thursday May 17th, 2012 at 9:34 am #13771
Brad
Username: bradjbarton

Thanks for your reply Raam.

Our software does not modify s2Member at all. We take s2member result data and then use that to create events in our software.

As a test, this morning I tested the same scenario in two other WordPress installations. Both fairly clean installs with nothing other than a handful of plugins. I modified the wp-config files to create the 9 membership levels, and then created another Admin account. There was no interfaced software to trigger, but the notification email reports that a level 4 account was created. Obviously, since Admin is supposed to be elevated to the highest level, this email should indicate that a level 9 was created. I think that you can easily perform this test on a WordPress installation to see for yourself, but make sure that your notification email is turned on. This is pretty clearly a minor s2Member glitch.

Importantly, the glitch does not affect the admin functionality as near as I can tell. I tried to change the admin account to s2Member level 9 as another test, but I lose admin functionality, and so had to switch it back. This is as closely as I can identify the glitch.

Please let me know how to fix/correct this issue, otherwise I will probably end up having to pay my developers to change our trigger points in an effort to avoid a glitch in level assignment.

Posted: Friday May 18th, 2012 at 5:10 pm #13905

Hi Brad.

When you say you changed the admin’s account to have Level 9, was this a second admin account that you changed the role from Admininstrator to s2Member Level 9? That would change the admin access and turn him into a regular Level 9 user.

I understand it’s confusing that the admin account still says Level 4, although it now has access to new levels you created above it. In what places did you find that to be the case? You mentioned the Registration Notification, but I’m confused, because administrators, except for the very first one when s2Member isn’t even there, are not registered at that role, but upgraded later.

Posted: Saturday May 19th, 2012 at 11:41 pm #14002
Brad
Username: bradjbarton

As I stated in the first post, I created a new admin user account for a developer. I did not create the user account as something else and then upgrade the account to admin later. I manually created the admin account under s2Member/Add A Member. The next day, on two different web sites I created admin accounts through both s2Member/Add A Member and Users/Add New. There is no difference between the two as they take you to the same Add New User page. All three admin accounts were created as admin, not upgraded after creation.

Later, as a test, I manually changed the admin account to a level 9 account and discovered that the account lost admin rights. I expected this behavior, but simply wanted to test if it made any difference.

If you check the Add New User page you will see that the admin user account can be registered as admin at the point of creation. It does not require a later upgrade to create an admin user. And yes, the registration notification is sent when an admin user is created. Not only is it confusing that an admin account stays at level 4, why would you do that? That’s like saying that it would make sense to classify the admin as level 2 in a 4 level configuration, or the default admin is level 2 if Pro were not used. Do you see what I mean? It does not make sense.

The only place I saw it in s2Member was the registration notification email. I first observed the issue in results provided by our custom software. Our software uses certain triggers that are generated by s2Member but does not modify s2Member in any way. I created an admin account for a developer. I did not expect the new admin account to be the recipient of level 4 characteristics in our custom software, I expected it to receive level 9 characteristics, as that would be logical, since level 9 is now the highest level.

So, are you claiming that s2Member is designed this way? If so, why is it designed this way?

Posted: Sunday May 20th, 2012 at 6:44 am #14013
Staff Member

Hi there. Thanks for the heads up on this request for support.

I did not expect the new admin account to be the recipient of level 4 characteristics in our custom software, I expected it to receive level 9 characteristics, as that would be logical, since level 9 is now the highest level.

So, are you claiming that s2Member is designed this way? If so, why is it designed this way?

No, you are correct. A new administrative account should recieve the highest Membership Level automatically, so long as your “administrator” Role is configured with the proper s2Member capabilities. s2Member handles this automatically, as seen in this file: /s2member/includes/classes/roles-caps.inc.php
foreach(array("administrator", "editor", "author", "contributor", "bbp_moderator") as $role)
	{
		if(($role = &get_role($role)))
			for($n = 0; $n <= $GLOBALS&#91;"WS_PLUGIN__"&#93;&#91;"s2member"&#93;&#91;"c"&#93;&#91;"levels"&#93;; $n++)
				$role->add_cap("access_s2member_level".$n);
	}

If problems persist, I recommend that you run s2Member’s Role reset utility. That will scan all of your existing s2Member and administrative Roles, and put them where they need to be, based on the number of Membership Levels you’re currently running with. You will find this utility in the Dashboard, under: s2Member -> General Options -> Membership Levels/Labels (see bottom of this section please).

Posted: Sunday May 20th, 2012 at 10:33 am #14019
Brad
Username: bradjbarton

Hello Jason,

As you recommended, I ran the role reset utility. However, I still receive the level 4 registration notification email and I still receive the level 4 characteristics in our custom software when creating a new Admin user account.

Keep in mind that the new admin user account does in fact operate as a level 9 within WordPress and s2Member everywhere else that I can think to check. Whatever that trigger is that generates the registration notification email at level 4 is apparently the same trigger data that my developer used to assign characteristics in our custom software.

Also, as I mentioned earlier, I tested this with the same results on a couple other sites (zero custom software) with the same results. You can see here –

That the role reset utility ran successfully showing 9 member levels on a second installation that has nothing but a handful of plugins. However, the notification email still says:

—–Original Message—–
From: WordPress
Sent: Sunday, May 20, 2012 9:13 AM
To: support@sitesteering.net
Subject: ( s2Member / API Notification Email ) – Registration

( s2Member / API Notification Email ) – Registration

role: administrator
level: 4
ccaps:
auto_eot_time:
user_first_name: Brad

I would be very surprised if you cannot duplicate this.

Posted: Monday May 21st, 2012 at 5:27 am #14059
Staff Member

Thanks for the follow-up.
~Investigating this now.

Posted: Monday May 21st, 2012 at 9:06 pm #14122
Staff Member

Thanks again for the follow-up.
We’ve identified the issue, and this will be corrected in the next maintenance release. Until then, I’m attaching a patch file that you can use now, if you’d like. Please unzip and upload the attached file, allowing it to override your existing copy of /s2member/includes/classes/registrations.inc.php

Patches an existing installation of s2Member v120517
http://d1v41qemfjie0l.cloudfront.net/s2member/uploads/registrations.inc_.php_.zip
Posted: Wednesday May 23rd, 2012 at 9:53 am #14320
Brad
Username: bradjbarton

Perfect. Thanks for the follow-up.

—–Original Message—–
From: WordPress
Sent: Wednesday, May 23, 2012 8:49 AM
To: support@sitesteering.com
Subject: ( s2Member / API Notification Email ) – Registration

( s2Member / API Notification Email ) – Registration

role: administrator
level: 9
ccaps:
auto_eot_time:
user_first_name: Brad

I look forward to the maintenance release.

Posted: Friday Jun 1st, 2012 at 11:52 am #15177
Staff Member
This has been corrected in the release of s2Member v120601.
Thanks again for reporting this!
Viewing 10 replies - 1 through 10 (of 10 total)

This topic is closed to new replies. Topics with no replies for 2 weeks are closed automatically.

Old Forums (READ-ONLY): The community now lives at WP Sharks™. If you have an s2Member® Pro question, please use our new Support System.

Contacting s2Member: Please use our Support Center for bug reports, pre-sale questions & technical assistance.