Mismatched permissions for theme settings

  • Author
    Posts
  • #100295

    The Nirvana settings page is added for all users with the “edit_theme_options” capability, which seems appropriate.

    However, the settings are then created and managed using the WordPress Settings API, which only allows updates by users with the “manage_options” capability (see the first yellow flag on the documentation).

    So if a user (such as an Editor) has been granted the “edit_theme_options” capability, they can view the settings page, but get a permissions error when they actually try to save.

    Both viewing and saving these settings should be behind the same permission.

    #100851
    Zed
    Cryout Creations Team

    Thanks for pointing this out – we’ll get it sorted out for the next theme update.


    If you like our creations, help us share by rating them on WordPress.org.
    Please read the available documentation and search the forums before posting.
Viewing 2 posts - 1 through 2 (of 2 total)

The topic ‘Mismatched permissions for theme settings’ is closed to new replies.