@firefliespilots,
Thank you for the feedback. That is true and it is intended because the separation between frontend, backend and API levels was misguiding lots of administrators.
Recently I’ve been giving a presentation on the local WordPress meetup where I was talking about 5 different ways to get access to any WordPress content. With the rise of popularity around RESTful API, there is no longer separation between backend and frontend. That is why AAM consolidated content related settings.
You can learn a bit more about AAM 6.0.0 here https://aamplugin.com/article/advanced-access-manager-next-generation.
If you still really need to differentiate between frontend and backend access settings, then I can help you to setup Access Policy that will do the trick.
Keep me posted.
Vasyl
Thread Starter
Neo
(@firefliespilots)
Dear Vasyl, thanks for the answer. Ok, but a pity. Since I need this feature for my blog categories, for my theme custom blog post templates. Since I regulate which WP roles can access which categories in the backend (also in the frontend) and which WP roles want to use which blog post templates. How can you solve this now? What I do not quite understand yet, we bought the Plus Package to get this feature for categories etc. That is then unfortunately also gone? Thank you. Cheers Riccarda
Thread Starter
Neo
(@firefliespilots)
So if I understand it correctly, the new plugin can only use programming, because you only have to program it yourself using the Access Policy. The control frontend / backend access of elements? Unfortunately, the sense of the new does not quite open up for me. We therefore stick to the latest version 5.11 and try to keep it up to date with external developers.
Really a great plugin.
But in our opinion, in the new vision no longer does the core function justice. Too bad. Perhaps it would be advisable to further develop the 5.11 and offer it for sale. We would rather buy it with the old logic functions, so you can use it without any programming knowledge. A purchase of these plugins would therefore be worth considering for you? Best regards and have a nice evening Riccarda
Thread Starter
Neo
(@firefliespilots)
Dear Vasyl, If I understood correctly, would that always be the case for every rule for the backend and frontend? If so, unfortunately too complicated. It has to be easier again. Thank you. Greetings Riccarda
For Categories?:
{
"Effect": "deny",
"Resource": "Taxonomy:post_tag:terms",
"Action": ["List", "Read", "Comment"]
}
and for custom post templates?:
{
"Effect": "deny",
"Resource": "PostType:page:posts",
"Action": ["Delete", "Edit"],
"Condition": {
"Less": {
"(*int)${USER.user_level}": 6
}
}
}
Now I’m really wondering what the purchase of Plus Package was for.
@firefliespilots,
Things are not as bad as they appear at first. All the functions that AAM 5.11 and Plus Package are still in the latest 6.0.0 release. They have just been consolidated and simplified.
When it comes to content access managements (posts, categories, taxonomies, etc.), AAM was carrying lots of legacy concepts back since 2012. World of WordPress has been changing with the introduction of RESTful API and now Gutenberg, so we have to keep up with those changes.
Lots of website administrators do not realize that protecting a user from doing something on the backend side, does not stop that user from doing that with the RESTful API. That is one of the main reasons it no longer makes sense to separate backend, frontend and API levels as everything eventually will become API.
The last thing we want is to give AAM users the false sense of security and that is why we’ve consolidated Posts & Terms options.
Nothing stops you from keep using 5.11. The only problem here is that this version is no longer maintained.
I can work with you directly to understand your use-case in more detail and provide a better recommendation on how to define your access controls if that is something you are interested in.
Regards,
Vasyl
