Feat/admin menus addon

[omaraelhawary]

Admin Menus (Members add-on)

The Admin Menus add-on extends the Members plugin so site administrators can customize the WordPress admin sidebar per role and user: reorder items, hide screens, override labels/icons/URLs/colors, add custom links, and gate menu visibility by capability.

Settings are stored in the WordPress option members_admin_menus_settings (OPTION_KEY in code).

Where to configure

• WP Admin → Members → Admin Menus (admin.php?page=members-admin-menus)

The UI loads a snapshot of the current admin menu tree (captured on first load) and uses AJAX for save, reset, export, import, and user search.

Who is affected

• Changes apply to logged-in users in the admin area except when they are exempt:
  • Multisite: super admins are always exempt.
  • Administrators are exempt by default, so their menus are not modified unless “Allow editing administrator menus” is enabled in meta settings (with a warning: misconfiguration can lock admins out of menus).
• Exemption can be extended via the filter members/addons/admin_menus/is_user_exempt.

How configuration is resolved

1. Role-based defaults are merged from the user’s roles (sorted alphabetically):
   • Hidden items from multiple roles are combined with intersection: a menu stays hidden only if every role the user has marks it hidden.
   • Order (top-level and submenu): taken from the first role in sorted order that defines an order.
   • Overrides (labels, icons, etc.): merged across roles (later roles can add/override keys).
2. Global custom items (settings['custom_items']) and global capability map (settings['capabilities']) are included from stored settings.
3. Per-user overrides (settings['users'][ user_id ]), if present, replace whole blocks for: hidden, order, submenu_order, overrides, custom_items, and capabilities.

Feature areas

Menu order

• Top-level order uses WordPress’s menu_order filter (priority 999) and a physical reorder of the global $menu array.
• Separators can be inserted using sep-* tokens in the order list; these become real wp-menu-separator entries.
• Submenu order is applied per parent slug via submenu_order.

Visibility: hide by role / user

• Hidden slugs remove menu entries with remove_menu_page / remove_submenu_page.
• Submenu items are identified as parent_slug::child_slug.
• Direct URL access to hidden screens is blocked on admin_init (unless exempt): users are redirected (default: dashboard; filter members/addons/admin_menus/redirect_url).
• Protected slugs: items related to Members settings (e.g. containing members-settings or page=members) cannot be hidden, to avoid locking the site out of Members configuration.

Capability-based visibility

• A map of menu slug → required capability can hide items when the user does not have that capability (independent of the simple hidden list). At runtime, the resolver uses the top-level settings['capabilities'] map (or the whole map replaced by a per-user block); it does not merge per-role capability maps from settings['roles'] in PHP—those may still exist in stored data for the editor UI.
• Protected slugs apply here as well.
• Blocking also runs for direct URL access, similar to the hidden list.

Overrides (labels, icons, URLs, badges, colors)

• Top-level items are keyed by menu slug; submenu items use parent::child.
• Supported override concepts include: label, URL, badge (and badge background), icons (Dashicons, Font Awesome, custom image/URL/SVG), background/text/icon colors (injected CSS in admin_head).
• Font Awesome is loaded from CDN when any override uses that icon type.
• Level moves:
  • Submenu item with parent set to __promote__ can be promoted to a top-level menu page.
  • A top-level item can be demoted under another parent via the parent override.

Custom menu items

• Custom top-level or submenu entries are registered late; they use a synthetic page hook and redirect to the configured URL via a small callback (no blank admin page).

Import / export

• Settings can be exported and imported through AJAX actions (nonces scoped to members_admin_menus), with sanitization on import (see functions-admin.php).

Safety notes

• Enabling administrator menu editing can hide critical menus from administrators; use with care and test in a staging environment.
• Hiding a list screen (e.g. edit.php) also ties into blocking related edit screens for default post types where applicable.

In progress

Planned UX and reliability improvements for the Admin Menus editor:

Area	Current gap	Target
Unsaved changes warning	No beforeunload prompt	Warn before navigating away when there are unsaved edits
“Move to submenu” UX	window.prompt('Parent slug') — users must type raw slugs (e.g. edit.php)	Dropdown of available parent menu items
Drag-and-drop reordering	Arrow-only reordering is tedious for large moves	jQuery UI Sortable (bundled with WordPress) for natural reorder
Save feedback	alert() for success/errors	WordPress admin notices (or equivalent inline messaging)
Loading indicator	Buttons disable on AJAX but no spinner during save/reset/import	Visible loading state during those requests
Error handling	saveSettings() lacks a .fail() handler	Handle network/AJAX failures so errors are not silent
Search/filter in editor columns	Hard to find items when there are 20+ entries	Quick filter input per column
Bulk hide/show	Only one item at a time	e.g. hide all for a role, or show only a chosen subset
“Undo last change”	Full reset is the main escape hatch	One-level undo to reduce reset-and-reconfigure cycles

[omaraelhawary]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on for the Members plugin, providing a visual interface to hide, reorder, rename, and customize admin menu items per role. My review identified several areas for improvement: the menu URL override logic needs to account for submenu keying, the promotion of submenu items requires a more robust callback handling, the export function should check if headers are sent, the JavaScript save function needs a failure handler, and Font Awesome versioning should be consistent and defined via constants.

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on for the Members plugin, providing a visual interface to hide, reorder, rename, and customize admin menu items per role. My review highlights several critical issues: overwriting menu slugs can break WordPress core functionality, promoting menu items without a callback will cause broken links, and the redirect logic for hidden pages could lead to infinite loops. Additionally, I have suggested using consistent capability checks, optimizing user search queries to avoid performance issues, and implementing static caching for user configuration lookups to improve efficiency.

[omaraelhawary]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on for the Members plugin, allowing administrators to customize the WordPress admin menu per role or user, including hiding, reordering, and renaming items. The review identified potential security improvements regarding the regex for base64 data URIs and recommended using sanitize_key() instead of sanitize_text_field() when verifying nonces for better security practices.

[omaraelhawary]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on for the Members plugin, providing a visual interface to customize, reorder, and hide admin menu items per role or user. It also includes a migration to sync post-tag capabilities for roles that can manage categories. A security concern was raised regarding the custom menu redirect logic, which currently permits external redirects. I have kept the security review comment as it identifies a potential open redirect vulnerability that requires attention.

[omaraelhawary]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on for the Members plugin, allowing administrators to customize the WordPress admin menu by role or user, including hiding, reordering, and renaming items. My review identified a potential logic mismatch regarding how hidden items are merged across roles (Union vs. Intersection), a security concern regarding the lack of server-side protection for critical settings pages to prevent administrative lockout, and a performance improvement opportunity by optimizing user data retrieval in the AJAX user search function.

[omaraelhawary]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a new 'Admin Menus' add-on, providing a visual interface to manage WordPress admin menus, including hiding, reordering, and customizing items per role or user. It also includes updates to the 'Category and Tag Caps' add-on to improve capability synchronization for roles that manage categories, along with minor UI and script adjustments across the plugin. I have no feedback to provide as there were no review comments.

[omaraelhawary]

Hi @cartpauj this one is done and ready to review based on latest https://screenrec.com/share/Kfmw8jDAPM Please let me know if we need to update or change anything. I will work on doc on website once it approved

[omaraelhawary]

Kindly reminder @cartpauj