Add "editor" permission so YNH admin can delegate power over the

"editorial content" of wordpress to a bunch of selected users/groups

doc/DISCLAIMER.md

@@ -5,14 +5,17 @@ Use the admin panel of your WordPress to configure this app.
 ## YunoHost specific features
 
 * Integration with SSO does not work (automatic login of the user if previously logged on the YunoHost web portal)
-  * private mode: Blog only accessible by YunoHost users
-  * public mode: Visible by anyone
+  * **private mode:** Blog only accessible by YunoHost users
+  * **public mode:** Visible by anyone
 * Allow one user to be the administrator (set at the installation)
 * Integration with [YunoHost permission](https://yunohost.org/groups_and_permissions):
-  * Users rights should be managed from the "Managing groups" to give these rights:
-    * `admin`: has full rights
+  * Users rights should be managed from the [Managing groups](https://yunohost.org/en/groups_and_permissions) to give these rights:
+    * `admin`: can do everything, has "super powers"
+    * `editor`: can edit all the posts and pages but cannot edit the Worpdress configuration (plugins, user rights, etc)
     * `main`: can access with the "default right" (is `subscriber` right now for the package)
-    * Complete list: https://wordpress.org/documentation/article/roles-and-capabilities/#summary-of-roles
+  * Complete list: https://wordpress.org/documentation/article/roles-and-capabilities/#summary-of-roles
+  * ⚠️ Permissions defined in YunoHost take precedence over those setted in Wordpress ⚠️
+    * FIXME: not sure about which has priority, need testing
 * ~~Automatic update of wordpress core, plugins and themes.~~
 * Allow to set up a [multisite](https://codex.wordpress.org/Glossary#Multisite) instance.
 

scripts/install

@@ -305,14 +305,13 @@ then
 	ynh_permission_update --permission="main" --add="visitors"
 fi
 
-# Only the admin can access the admin panel of the app
+# Only these "permissions or groups" can access the admin panel of Wordpress to manage it
 # - "admin" has full rights in the app
+# - "editor" can edit all the posts and pages
 # - "main" can login and do almost nothing
 # See https://wordpress.org/documentation/article/roles-and-capabilities/
 ynh_permission_create --permission="admin" --url="/wp-login.php" --additional_urls="/wp-admin.php" --allowed=$admin_wordpress --show_tile=true
-# Add "label" for user panel
-#ynh_permission_update --permission="main" --label="$app - subscriber"
-
+ynh_permission_create --permission="editor" --url="/wp-login.php" --additional_urls="/wp-admin.php" --show_tile=true
 
 #=================================================
 # RELOAD NGINX

scripts/upgrade

@@ -184,6 +184,11 @@ else
 	# Add "label" for user panel
 	ynh_permission_update --permission="admin" --show_tile=true
 fi
+
+# If missing, create "editor permission"
+if ! ynh_permission_exists --permission="editor"; then
+	ynh_script_progression --message="Creating the missing 'editor permission'..."
+	ynh_permission_create --permission="editor" --url="/wp-login.php" --additional_urls="/wp-admin.php" --show_tile=true
 fi
 
 #=================================================