Anybody come across this? I’d hate to give my site managers super admin privileges just to edit other members’ profiles.
I have checked the user “capabilities” of the custom role I have created and it has all the capabilities it needs to modify WP users. They can reset passwords and modify WP related profile information but NOT BuddyPress extended profiles. Apparently though BP doesn’t use WP roles for anything besides checking for super admin privileges. Can anybody think of a way to modify BP to allow non-super admins to edit extended profile information of other users besides themselves?
Try giving them the ‘bp_moderate’ capabilities.
It seems edit_profile checks to see if it’s your profile or whether
bp_current_user_can( 'bp_moderate' ) || current_user_can( 'edit_users' )
so adding the ‘edit_users’ cap should work.
See bp_core_can_edit_settings() in bp-members-functions.php
It may not be a bug, but you could find out by submitting a bug
https://buddypress.trac.wordpress.org/
also – some role editors are funky.
Make sure it’s not that plugin.
Use this to check if your custom role really has those caps:
https://wordpress.org/extend/plugins/members/
Thanks for the info @shanebpdev that is very useful. After using the “Members” role editor I was indeed able to verify that the Manager role already had the “edit_users” capability. Sadly any user with the Manager role still gets taken to the “You do not have sufficient privileges” page. Perhaps it is a bug.
I checked out the bp-members-functions.php file and found the line you spoke of and it is matching:
if ( bp_current_user_can( 'bp_moderate' ) || current_user_can( 'edit_users' ) )
Now “bp_moderate” does not show up as an actual WP role. The regular “moderate” role does however, and the Manager user has access to that capability.
Just for the heck of it I changed the line to current_user_can(‘Manager’) which without any arguments does check for the name of the role. After doing so I noticed that when a manager goes to edit a member’s profile, they are automatically redirected to the member’s activity feed instead of the edit profile page.
Something funky is going on for sure. I really appreciate you helping me out with this.
Perhaps try using an existing role, like Editor, instead of a custom role ?
And add caps to that role?
Finally figured it out!!! First I tried using a modified version of the “Editor” role as you suggested with ALL capabilities added which allowed me to edit member profiles no problem. THEN I unchecked each and every capability one by one until I found the one that triggered the problem.
As it turns out the “manage_options” capability was the missing link. I checked off manage_options under my custom “Manager” role and waddya know, we’re back in action.
I wonder what changed in BP 1.7.1 that requires the manage_options capability?
Regardless, it works like a champ. Thanks a million for helping me troubleshoot this @shanebpdev – Hope your day is awesome!
Glad you got it sorted.
But ‘manage_options’ is a powerful cap.
I could see where you wouldn’t want to grant that cap to a custom role.
Now that you can explain the issue, I suggest you submit a bug.
https://buddypress.trac.wordpress.org/
You’re right @shanebp
After reading that manage_options much gives that role access to the entire Settings feature of WordPress I realized that isn’t good. Needless to say, I have used Adminimize to hide the “Settings” tab from the Manager user role for the time being but certain savvy people could still access it if they knew the URL to those settings pages.
I submitted the bug to: https://buddypress.trac.wordpress.org/ticket/4991#ticket
Thanks again for all of your help!
Sweet! This was exactly my problem. Thanks to the two of you.
