I've been trying to track down a permissions issue whereby going to an admin page for another plugin (SlidePress) was throwing an "insufficient permissions" error, even though the user's role was "administrator".
The wp_capabilities entry in the wp_usermeta table for this user contains multiple roles: administrator and gform_full_access. My understanding from doing a little Googling this morning is that support for multiple roles in WordPress existed for a while, but is no longer. I think this is causing my permissions problem.
To test this, I created a new user, assigned it the "administrator" role and checked the wp_capabilities entry in the wp_usermeta table for the new user. The order of the elements in the wp_capabilities array was "administrator", "gform_full_access". At this point, the user was able to render the secured page. I then updated the user through the WP admin, and for some reason (not really important why) the order was switched. Now the user is unable to render the secured page.
I believe that the permissions check is being done by the WordPress core, which makes me believe that it's only expecting a single role for the user. If, as it seems, support for multiple roles was removed in 2.9 or 3.0, this seems to be something that should be addressed in Gravity Forms. I've looked at both the latest stable and beta zips, and this role seems to be added automatically to any user with the "administrator" role.
In the meantime, I've flipped the order of the roles directly in the db for the users having issues and everything seems happy. But as soon as those users are edited through the WP admin, it may break again.
Can you please let me know how to best handle this? And if I'm completely off-track here, just say so. :)
Thanks!
