Notifications

Clear all

Prevent secondary usergroup to be changed by member

wpForo User Custom Fields

Last Post by mhit 8 months ago

10 Posts

2 Users

0 Likes

526 Views

RSS

Posts: 16

mhit

Topic starter

Jul 20, 2023 10:10 pm

(@mhit)

Eminent Member

Joined: 1 year ago

Hello,

For our forum we have a private main forum plus 3 private subforums (using 3 secondary usergroups for access rights).

In the user registration form, a new member can check the secondary user groups he wants to get access to. The Forum Admin then needs to check if he is allowed to get access and will activate the member account.

BUT... If the new member edits his profile, the secondary usergroups are still displayed and the member can change his secondary usergroups and gets access to any secondary usergroup he wants...!

I have checked all options but I cannot find a way to hide the secondary usergroup for the member.

The secondary usergroups should be visible for the Forum Admin to edit them in the members user accounts but it should NOT be possible for a member to edit the secondary usergroup....!

The Forum Admin does not have WP Admin user role so he will only edit a user in the account page in front end.

How can this be done in such way that ONLY Forum Admin can change the members secondary usergroup and not the member himself?

9 Replies

Posts: 16

mhit

Topic starter

Aug 17, 2023 4:56 pm

(@mhit)

Eminent Member

Joined: 1 year ago

Hello,

Does anyone have a solutions for this problem (see also above):

Usually a user custom field has the option 'Can user edit this field?' Yes / No
but for the user custom field "secondary usergroup" there is no such option (see screenshot) and the user can always edit it himself.

With other words: He can grant himself access to a private secondary forum by editing his profile, while in our case, only the Forum Admin should grant access to a private secondary forum.

Does anyone has a solution? Or will there be a solution in a future update?

Thanks in advance!

Posts: 4173

Tom

Admin

Aug 22, 2023 1:58 pm

(@tomson)

Famed Member

Joined: 9 years ago

Posted by: @mhit

↑

but for the user custom field "secondary usergroup" there is no such option (see screenshot) and the user can always edit it himself.

Hi @mhit,

Only moderators and administrators can edit secondary usergroups. Please make sure the user you check has "Registered" usergroup a primary usergroup. Also, leave some screenshots of that user Profile > Account tab (front-end) and the edit screen of the user primary usergroup in wpForo > Usergroups admin page.

Posts: 4173

Tom

Admin

Aug 22, 2023 4:04 pm

(@tomson)

Famed Member

Joined: 9 years ago

@mhit,

The solution is removing the "Secondary Usergroup" field from the "Account" Tab. You can remove it in the Account Tab settings of the User Custom Field addon.

Admins and moderators can manage the secondary usergroups of users in Dashboard > Users > Edit user screen,

1 Reply

mhit

(@mhit)

Joined: 1 year ago

Eminent Member

Posts: 16

Aug 22, 2023 4:53 pm

Reply to

Tom

@tomson

Hi Tom,
Many thanks for your attention.

I would be very happy if it was true that also moderators could manage the secondary usergroups of users in Dashboard, but unfortunately this is only allowed for WP Admin user roles.... (Chris from wpForo also confirmed this).

It is most undesirable to grant WP Admin user role to a Forum Admin member.... I wish there would be another solution then installing plugins that prevent other WP Admins to make changes to the CMS (or delete the main WP Admin account etc.).

Posts: 16

mhit

Topic starter

Aug 22, 2023 5:02 pm

(@mhit)

Eminent Member

Joined: 1 year ago

Please also see this topic:

I could not reply any more because it was closed. Initially I thought it was solved but unfortunately the solutions caused that members were able to change the secondary usergroup themselves, with other words: Giving themself access to a private secondary usergroup, which was not allowed.

wpforo.com/community/how-to-and-troubleshooting-2/allow-non-administrator-to-edit-forum-usergroup-field-in-user-edit-php/#post-103571

In wpForo,

Only those users who have Admin Usergroup and Admin User Role can manage other User's Primary Usergroup from the front end. Also, the same Admin user can manage the User Secondary Usergroup from front End only if User Custom Fields Addon is activated on the website.

4 Replies

Tom

Admin

(@tomson)

Joined: 9 years ago

Famed Member

Posts: 4173

Aug 22, 2023 7:33 pm

Reply to

mhit

@mhit,

Again I have to repeat the same, you should remove the secondary usergroup from the user account form.

mhit

(@mhit)

Joined: 1 year ago

Eminent Member

Posts: 16

Aug 22, 2023 8:05 pm

Reply to

Tom

@tomson

Sorry it wasn't clear but we don't have the secondary usergroup in the user account form.

The point is (again) that ONLY WP Admin can edit a member's secondary usergroup and I would like to know if anyone has a workaround for this since we don't want the Forum Admin to have WP Admin user role....

(If the secondary usergroup would be added tot the user account form - to be clear, as said above: this is not the case! - , the member could grant himself access to the private sub forums which is no option either).

Hope everything is clear....

Tom

Admin

(@tomson)

Joined: 9 years ago

Famed Member

Posts: 4173

Aug 25, 2023 12:32 pm

Reply to

mhit

Hi @mhit,

Ok I see. But we cannot add such feature urgently. This will be added in the to-do list and will wait for its turn.

mhit

(@mhit)

Joined: 1 year ago

Eminent Member

Posts: 16

Sep 01, 2023 10:31 pm

Reply to

Tom

@tomson Thanks for your reply anyway.

Hopefully there will soon be an update that will add a functionality that a wpForo Admin who does not have a WordPress Admin user role, can still change the secondary usergroup of a member. Will wait and urgently look forward to this.....
Thanks for your support so far!