Basically, I installed the wrong version of a security plugin (Role Manager, Owen Winkler - only for WP 2.0) on the wrong version of WordPress (2.5.1) and got my own Admin account locked out of Plugin Management (which I needed to properly uninstall the bad plugin and install the good one). Read further to know the sequence of events, the problem I caused myself, and how I got out of it.

Sequence of events:

1. As part of installing Disclose-Secret, I also installed the there-linked Role Manager (Owen Winkler’s) on my WordPress blog. Nothing actually went wrong at this point.
2. Testing Disclose-Secret went great.
3. Then I started poking around with Role Manager.
   1. First I tried creating a new role. This failed silently (failed completely, I found out later). In and of itself, this did no bad things, but I should have stopped there.
   2. Then I tried modifying an existing role. Which one? Administrators. Why? Because I’m stupid, apparently. Though on second thought, if I’d done any other role, I probably wouldn’t have noticed or fixed the problem completely and wouldn’t be writing this up.
4. Then I noticed that there were issues. I tried to access the normal plugins manager and was told I didn’t have permission.
5. Next I noticed that the WordPress Codex listed the plugin I was using as not for my version of WordPress.
6. Now I figured it was probably that the older plugin had written out the role rights for Administrators wrong.
7. Next I looked for the role rights in the database. Missed it there, looked for it in the code. Couldn’t find it there. Then looked for the key phrases on the Intarweb. Couldn’t find it there. So I went back to the database and finally found it.
8. Couldn’t understand a word of the actual configuration string. Not entirely true, but couldn’t understand enough of it that I wanted to find a known-good copy, hope it wasn’t automatically customized for that particular blog application, and try the copy-paste solution.
9. Fortunately, I have another WordPress blog I keep in parallel (same versions) so I cracked open its database and copied/pasted, and actually managed to fix it. Lucky lucky lucky. But at least I now know a bit about how permissions work in WordPress and have a working Role Manager plugin instead of one that will keep corrupting me.
10. Now that my Admin privs were working again, I deactivated the inappropriate plugin, deleted the folder from my installation, copied the good one, then activated it and made sure it looked good. Yay.

Specifics:

1. My WordPress version: 2.5.1
2. The inappropriate Role Manager plugin for my WordPress version is the one by Owen Winkler. I was a little worried about the lack of documentation, but figured I could probably get out of any trouble I got into (barely, it turns out).
3. The correct Role Manager plugin for my WordPress version is version 2.2.2., by Thomas Schneider.
4. The WordPress Codex article that got me started on the correct path in troubleshooting is about Roles and Capabilities.
5. After some troubleshooting, it became clear to me that the only fix for my situation (having locked the Administrators’ role out from being able to manage plugins) was to adjust the role configuration within the back-end of the application, ultimately changing the configuration string in the back-end database.
6. So the role configuration information in WordPress lives in the wp_options table of the database, in the row where the option_name = “wp_user_roles”. The value field is called “option_value”.
7. The default value of this field in WP 2.5.1 is here, in case anyone ends up needing it besides me.
8. In specific, what fiddling about with the wrong version of Role Manager against the Administrator role did was that the wrong version wrote out a string that lacked the “activate_plugins” permission. Presumably with WP 2.0, that was just an intrinsic right for Administrators.

Important safety tips:

• If the plugin you want to play with seemingly has no documentation at all, pass it up unless you really need it.
• Also, the WordPress Codex, despite your cynicism, probably has a reference to whatever you’re looking for in it.

Tags:   kerfuffle · role manager · troubleshooting · wordpressNo Comments