WP Sentry Enabled Navigation

Since we use WP Sentry for access control in a number of sites, one of the challenges we’ve faced is dealing with custom navigation bars which are WP Sentry compliant, meaning they don’t show links to pages the user isn’t supposed to know about.   Sentry would have blocked access to the page, but better that they didn’t see the link in the first place.   While this isn’t a “completely” Sentry compliant nav bar, you can see how we handled the need to hide an Administration page from a site except for those logged in and authorized to see it.  It’s likely there are other possibly better ways to handle the page ID and such, but this might help get you started!

<div id="navigation">
  <ul id="top-level">
    <?php
      global $WP_SENTRY;
      $current_user = wp_get_current_user();
      $current_user_id = $current_user->ID;

      $page = get_page_by_title( 'Administration' );

      //List all pages except administration
      wp_list_pages('sort_column=menu_order&title_li=&depth=3
           &exclude='. $page->ID );

      //we want to do the administration page separately and only show if
      //user is a member of the admin group and already logged in
      if ((current_user_can('level_0'))&&
           ($WP_SENTRY->user_is_allowed($current_user_id, $page->ID)))
      {
        echo "<li><a href=". get_permalink( $page->ID ) 
            . ">Administration</a></li>";                            
      }
    ?>
  </ul>
</div>

WP Sentry Revision History

As we’ve indicated elsewhere, Weigold Enterprises is going to be continuing support and development of the awesome WP Sentry plug in for WordPress originally written by Pete Holiday.  Here is the current revision history.  Note that version 0.8c and prior were created and supported by Pete.  Version 0.8d and later were created and supported by Weigold Enterprises.

Revision History:

  • Version 0.9
    • Revised = vs == typos in admin menu handling.
    • Updated compatible WordPress version information
  • Version 0.8d:
    • Updated support and contact information
  • Version 0.8c:
    • Not provided
  • Version 0.8c:
    • Checked compatibility with WP version 2.8.4
    • Fixed a warning issued when using in_array with a null variable.
    • wpgetarchives now displays private posts.
    • Mass-edit screen now uses permalink URLs.
    • Pages and Recent Comments replacement widgets updated
    • Added: ability to export a list of users
    • Added: Sentry column to user admin screen
    • Added: Catalan localization (Thanks to Mr. Robert Antoni)
  • Version 0.7.2:
    • Fixed a bug that kept child groups from working properly.
  • Version 0.7.1:
    • Fixed a bug which would expose comments on private posts in the Comments RSS feed if certain preview settings were enabled.
    • Added a Russian translation, courtesy of Denis.
  • Version 0.7:
    • Modified user-listing drop-downs for WordPress MU compatibility.
    • Added a German translation of WP Sentry. Thanks, Franz.
    • Added filtering to private page permalinks.
    • Added a column to the posts and pages edit screen to show Sentry permissions.
    • Patched in a change by MrPete fixing the issues with future-dated private posts.
    • Adopted recommendations from Alexey to replace feed URLs with Feed Key URLs and to enable private comments rss feeds.
    • This version is compatible with WordPress 2.71 beta-1
  • Version 0.6.92: Fixed an issue where feedkey sometimes did not work properly.
  • Version 0.6.91: Fixed a security hole which showed entire private posts in RSS under some circumstances.
  • Version 0.6.9:
    • Fixed a typo on the post deletion screen.
    • Changed the groups database table to allow for more users per group.
    • Added a hook to user deletion so that deleted users are also deleted from their respective groups.
    • A few changes were submitted by MrPete:
      • Display users given access (count and ‘all’) even if user-update form is disabled when editing page.
      • Some text changed for clarity
      • Users may now be set in the default access screen.
  • Version 0.6.8:
    • Fixed a bug in Feed Key which caused syntax errors when resetting keys. For real, this time.
    • Changed the method used to authenticate a user’s private feeds. Should resolve several issues with this functionality. (Thanks, Alexey)
  • Version 0.6.7:
    • Fixed a bug in Feed Key which caused syntax errors when resetting the keys.
    • Disabled Magpie RSS caching for private feeds.
    • Added a setting to disable the user list on the post/page edit screen.
  • Version 0.6.6:
    • Fixed a problem with group creation on some systems.
    • Added error checking to group creation that I thought I had added in 0.6.0.
  • Version 0.6.5:
    • Fixed a bug where setting the permissions on a sub-page didn’t work.
    • Patched in a number of changes made by Pierre de La Morinerie (KemenAran):
      • Added a replacement Tag Cloud widget
      • Comments no longer visible for previewed posts
      • Made a few back-end improvements to the code
  • Version 0.6.1:
    • Now contains a Dutch localization thanks to a helpful user. (Added 12/18)
    • Fixed problem where access controls weren’t showing up on the page add and edit screens.
  • Version 0.6:
    • Now compatible with WordPress 2.7 (RC2).
    • Implemented private RSS feeds using Feed Key.
    • WP Sentry is now available in French (Thanks, Regis!)
    • Replacement widgets may now be disabled
    • Added a new menu section for general Sentry options
    • ASM Select has been implemented for all multiple select boxes used by the plugin.
    • Private post title modification has been moved to the ‘General Options’ menu
    • Fixed an issue with ordering in the page list widget
    • Added CSS classes to replacement widget lists
    • Fixed issue with private post title renaming for German WP users
    • Changed the way boxes are added to the post and page edit screens.
    • Fixed a problem with errors not being reported correctly in the group management section.
    • Post listing replacement widget disabled as it appears that WP 2.7′s version functions properly.
  • Version 0.5.1: Fixed a bug which was displaying titles inappropriately.
  • Version 0.5:
    • Uploaded to WordPress Extend for easy maintenance
    • Added the ability to assign permissions to posts en masse.
  • Version 0.4:
    • Added support for private pages.
    • Added a sentry-aware replacement for the Pages widget.
  • Version 0.3:
    • Default groups for new users added.
    • Default groups for new posts added.
    • Ability to change the private post title prefix and postfix added.
    • Ability to delete groups added.
    • Reorganized the administration screens.
    • Major preview functionality added.
    • Changed syntax so the plugin is compatible with PHP 4.x systems.
    • Tested for WP 2.6
  • Version 0.2: Fixed a bug that prevented the creation of new users.
  • Version 0.2: Added the ability to allow all registered users to view a post.
  • Version 0.1: Initial release.