Mismatched permissions for theme settings

  • Author
  • #100295

    The Nirvana settings page is added for all users with the “edit_theme_options” capability, which seems appropriate.

    However, the settings are then created and managed using the WordPress Settings API, which only allows updates by users with the “manage_options” capability (see the first yellow flag on the documentation).

    So if a user (such as an Editor) has been granted the “edit_theme_options” capability, they can view the settings page, but get a permissions error when they actually try to save.

    Both viewing and saving these settings should be behind the same permission.

    Cryout Creations mastermind

    Thanks for pointing this out – we’ll get it sorted out for the next theme update.

    If you like our creations, help us share by rating them on WordPress.org.
    Please check the available documentation and search the forums before starting a topic.
Viewing 2 posts - 1 through 2 (of 2 total)

The topic ‘Mismatched permissions for theme settings’ is closed to new replies.