=== AdBear Roles and Admin Access Manager ===
Contributors: secilkars
Tags: user roles, capabilities, admin menu, permissions, wp-login
Requires at least: 6.0
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 0.6.3
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Manage WordPress roles, admin menus, dashboard widgets, login redirects, ACF access, and wp-login branding by user role.

== Description ==

AdBear Roles and Admin Access Manager helps site owners and agencies control what each WordPress user role can see and do in the admin area — without writing custom code.

Use one admin menu to:

* Create, edit, clone, and delete custom roles
* Assign built-in and custom capabilities
* Hide admin menus and block direct URL access to hidden pages
* Control dashboard widgets and admin bar items by role
* Set login redirect URLs after sign-in
* Limit Advanced Custom Fields (ACF) field groups by role
* Customize the wp-login screen (logo, colors, layout)

The administrator role is always protected and cannot be edited or deleted through this plugin.

This plugin does not handle front-end membership or user registration forms. It focuses on admin access control and login branding.

== Installation ==

1. Upload the `adbear-roles-admin-access-manager` folder to `/wp-content/plugins/` or install from **Plugins → Add New**.
2. Activate **AdBear Roles and Admin Access Manager** on the **Plugins** screen.
3. In the WordPress admin sidebar, open **AdBear Roles**.
4. Follow the steps in **Getting started** below.

== Getting started ==

All settings are under **AdBear Roles** in the WordPress admin. You need the `manage_options` capability (typically an Administrator).

= Step 1: Roles & Capabilities =

1. Go to **AdBear Roles → Roles & Capabilities**.
2. To add a role, enter a **Role key** (lowercase, no spaces, e.g. `shop_manager`) and a **Role label** (display name).
3. Check the capabilities the role should have, or add custom capability names in the text field.
4. Click **Save role**.
5. To copy an existing role, use **Clone role** and provide a new key and label.
6. To change the role assigned to new registrations, pick a role under **Default registration role** and click **Save default role**.

= Step 2: Admin menu visibility =

1. Go to **AdBear Roles → Admin Menu Visibility**.
2. Select the role from the dropdown.
3. Enable **Enable menu restrictions for this role**.
4. Check only the menu items that role should see.
5. Click **Save menu rules**.

Hidden menus are removed from the sidebar. If a user visits a hidden page by URL, access is denied.

= Step 3: Dashboard widgets =

1. Go to **AdBear Roles → Dashboard Widgets**.
2. Select the role, enable restrictions, and check the widgets to keep visible.
3. Click **Save dashboard rules**.

= Step 4: Admin bar =

1. Go to **AdBear Roles → Admin Bar**.
2. Select the role, enable restrictions, and check the admin bar items to keep.
3. Click **Save admin bar rules**.

= Step 5: Login redirects =

1. Go to **AdBear Roles → Login Redirects**.
2. Enter an internal URL for each role that should redirect after login (leave blank to use WordPress default).
3. Click **Save redirects**.

= Step 6: ACF field groups (optional) =

Requires the Advanced Custom Fields plugin.

1. Go to **AdBear Roles → ACF Group Visibility**.
2. Select the role, enable restrictions, and check the field groups to show.
3. Click **Save ACF rules**.

= Step 7: Login & branding =

1. Go to **AdBear Roles → Login & Branding**.
2. Enable branding, then set logo, background, button color, layout, and optional admin footer text.
3. Click **Save branding settings**.

To test, log out and open your site’s `wp-login.php` page, or log in as a user with the role you configured.

== Frequently Asked Questions ==

= Can I create custom roles without code? =

Yes. Use **AdBear Roles → Roles & Capabilities** to add roles, pick capabilities, or clone an existing role.

= Does hiding a menu also block direct URL access? =

Yes. When menu restrictions are enabled for a role, direct visits to hidden admin pages are blocked.

= Is the Administrator role protected? =

Yes. The administrator role cannot be edited or deleted through this plugin.

= Does this work with Advanced Custom Fields (ACF)? =

Yes, when ACF is active. Use **ACF Group Visibility** to choose which field groups appear for each role.

= Can I customize the WordPress login page? =

Yes. **Login & Branding** lets you set the logo, background, colors, layout, and admin footer text.

= Is this a membership or registration plugin? =

No. It focuses on admin access control, roles, and login branding.

= Who can configure this plugin? =

Only users with the `manage_options` capability can access the AdBear Roles settings pages.

== Screenshots ==

1. Roles & Capabilities — create custom roles, assign capabilities, clone roles, and set the default registration role
2. Admin Menu Visibility — hide admin menus and submenus by user role with direct URL access blocking
3. Dashboard Widgets — control which dashboard widgets appear for each role
4. Admin Bar — manage admin bar items and quick links visibility by user role
5. Login Redirects — set role-based login redirect URLs after sign-in
6. ACF Group Visibility — show or hide ACF field groups by role
7. Login & Branding — customize wp-login logo, background, colors, split layout, and admin footer text
8. Modern admin UI — optional refreshed dashboard styling for a cleaner admin experience

== Changelog ==

= 0.6.3 =
* Fixed admin bar manager showing an empty item list on the settings screen
* Fixed login page centered and split layout alignment issues
* Updated Our Plugins page with current WordPress.org links (PixelCraft with WebP, TOCCraft, Adbear Image Cleaner)

= 0.6.1 =
* WordPress.org review fixes: unique `adbam_` prefix for options, nonces, and script handles
* Renamed plugin classes to `Adbam_Admin_Access` and `Adbam_Our_Plugins`
* Modern admin CSS now enqueued via `wp_enqueue_style()` / `wp_add_inline_style()` instead of inline `<style>` output
* Automatic migration from legacy `arc_` option names
* Updated contributor username to match WordPress.org account

= 0.6.0 =
* Rebranded to **AdBear Roles and Admin Access Manager**
* Plugin slug and text domain updated to `adbear-roles-admin-access-manager`
* Removed keyword-stuffed readme content; added step-by-step getting started guide
* Updated Author URI and plugin links to https://wordpressplugin.adbear.cloud/adbear-roles-and-admin-access-manager/

= 0.5.0 =
* Security hardening: nonce verification, input sanitization, redirect validation
* Plugin Check compatibility improvements

= 0.4.5 =
* Added Our Plugins showcase page
* Added uninstall handler to remove plugin options
* Modern admin menu width and content spacing improvements

= 0.4.2 =
* Login screen split layout with optional side image
* Modern WordPress admin panel UI mode

= 0.4.1 =
* Login Screen & Branding manager
* Custom login logo, background, gradient, and button styling

= 0.4.0 =
* Dashboard widget visibility by role
* Admin bar manager
* Login redirect manager
* ACF field group visibility by role

= 0.3.0 =
* Initial release: roles, capabilities, and admin menu manager

== Upgrade Notice ==

= 0.6.3 =
Bug fix release: admin bar item list, login page layouts, and updated Our Plugins links.

= 0.6.1 =
WordPress.org review compliance update. Existing settings are migrated automatically from the legacy `arc_` option names.

= 0.6.0 =
Rebrand release. Install the `adbear-roles-admin-access-manager` folder and activate the plugin. Existing role and access settings stored in the database are preserved.
