== System Admin ==
Contributors: mcgwier
Donate link: https://mcgwier.com
License: GPLv3 or later
License URI: http://www.gnu.org/licenses/gpl-3.0.html
Tags: sysadmin,system admin,hide menu,admin,menu,disable updates,disable update,hide plugins
Requires at least: 6.0
Requires PHP: 8.0
Tested up to: 7.0
Stable tag: 2.1

This plugin creates a new role (sysadmin), extending the admin role by offering custom privileges that enable hiding options from other users, including administrators. Does not track, does not use third-party services, is always free.

== Description ==

Extends the admin role with a new, awesomer role called 'Sysadmin'. This new role gives you a menu of options to hide menu and/or sub-menu items in the admin from all other users (e.g. Themes, Theme Editor, Plugin Editor, etc.) Very useful when restricting major changes or updates from clients or administrators.

= Special Features =
* Disable core update
* Disable plugin update
* Disable theme update
* Disable admin bar

== Installation ==

Activate, promote yourself, set your options, high five.

1. Upload `system-admin` to the `/wp-content/plugins/` directory
2. Activate the plugin through the 'Plugins' menu in WordPress
3. Promote yourself to Sysadmin and visit System Admin, select your desired options, save changes.

== Frequently Asked Questions ==

= Is there a premium version? =

No. All that this plugin does is included in this version. Nothing hidden to be gained.

= Does this plugin add redirects? =

No. Simply hides the menu items. You can still access the direct URI (intentional fallback).

== Uninstall ==
Just deactivate and delete plugin. This will re-assign Sysadmin role as Administrator and remove all options (unhiding hidden menu items, etc.)

== Changelog ==

= 2.1 =
* Fixed: Sysadmin users could lose wp-admin access after self-promotion in some environments.
* Fixed: Promote Self now preserves Administrator role compatibility on promotion.
* Fixed: Sysadmin custom capabilities are now re-applied defensively during role sync.
* Fixed: Direct URL admin-menu enforcement now includes a role-based Sysadmin fallback check.

= 2.0 =
* Compatibility with WordPress 6.6, 6.7, 6.8, and 7.0
* Fixed: Check All / Uncheck All / Toggle All buttons broken since WP 5.6 (jQuery 3 .prop() fix)
* Fixed: CSRF nonce protection added to Plugins and Admin Menu settings forms
* Fixed: Nonce now required to use the Promote Self page
* Fixed: Admin notice HTML updated to modern notice classes (notice-error, notice-success)
* Fixed: load_plugin_textdomain now hooked to init for WP 6.7+ JIT translation loading
* Fixed: register_setting now includes a sanitize_callback and type (WP 5.5+)
* Fixed: All dynamic output now escaped with esc_html() and esc_url()
* Fixed: Admin page titles updated from h2 to h1 (WP 3.8+)
* Fixed: user_has_cap filter callbacks accept the 4th $user argument
* Improved: Removed deprecated &$this pattern from all hook registrations (PHP 8.x)
* Improved: JMSA_AdminMenu declares $menu_original and $submenu_original explicitly (PHP 8.2+)
* Improved: WP_User_Query now uses get_results() instead of direct property access
* Improved: wp_roles() replaces manual WP_Roles instantiation
* Improved: All plugin options cleaned up on uninstall (added jmsa_version)
* Requires WordPress 6.0 or later
* Requires PHP 8.0 or later

= 1.0 =
* Init to Winit
