[Resolved] Users cannot edit their own account

[Author]

Posts

[JosV9233]

I am trying to: allow users to edit their own user account.

They go to page with edit account form and when they try to safe they get: see image 1.
(translation: The user was not saved because of the following problem: You can onl.... )

In Toolset > Access Control > Toolset Forms > Toolset User Forms Frontend Access it is configured like in image 2.

Note with image 1: roles klant1, klant2, klant3, klant4 do not exist anymore. They were created for testing.

[Beda]

Toolset User Edit Forms are tricky for security reasons.

Edit User Form don't display on the front-end in some cases, even, and sometimes Edit User Forms are not displayed if current user ≠ (not equal) to the edited user, but the current user has all allowance to do so.

It is currently under review, when exactly due to security reasons we may admit more clearance and that will be included in future releases.

With Access, the current specifications should be as shown on the screenshot.

To check if that applies to your install, either you or me would need to create a Dummy User, to test this with a Dummy Form on a Dummy page.
Please let me know if I can do that on your site you shared, if not, please let me know the outcomes of similar tests.

[JosV9233]

Hi Beda,
Thanks for your answer.As I do not recognise the screenshots (where is that taken?) I want to ask you if you can test it the way you describe.

Jis

[Beda]

1. As I do not recognise the screenshots (where is that taken?)

Sorry, I tried to type that information out, and as you can imagine it is not really understandable after, so I just a screenshot of a quick Google DOC draft.
It's not from our Documentation, but a reference to what should work.

2. I want to ask you if you can test it the way you describe.

I am now as I type creating dummy users, pages, forms on your site directly as per your last request.

Please keep this in mind in case you see suddenly new content (I will make sure all is not visible on the front end by lower than admin roles)

[Beda]

OK, I think I do not need to set a sample content and neither will be able to unless I can change some more settings on the site/account (language).

Now, I think I saw the mistake in your setup. It's something simple I think.

1. In the Form you do you to edit the user, you have set the "Role of the user:" to Administrator and Subscriber.
Nothing else shall be edited with this Form, right?
2. In Access, you have set this Form to be edited by a row of User Roles, which to me actually seem you try to give each user a role (I am not sure about the purpose of this, as usually you will have many users in a role but just one role for many users, not a role each user).
2. However, I could not find "Subscriber" to be allowed to use that form in Access settings, and that is the ONLY role other than Administrators involved in this Form.

So, I see here 2 problems of which one is maybe my misunderstanding and the other is the setting I speak about above.

If you want Subscribers to be able to use that form you have to set it so in the Forms access settings.
Same, if you want any of the other roles, you need to set the form (and access) for them.

Now to the other issue which is maybe my misunderstanding.

Can I ask, why you have many user ROLES, which seem to be User "names"?
That seems to me you want to have a role for EACH user on your site? This will get a lot of things to "check" and set.

I might suggest to add single users with the "+" icon in Access or, to create less Roles, but assign more users to the roles?
I am not sure, there are scenarios where your setup makes sense, so I need to ask if you require this, or if it is a product of as lack in our GUI (Graphical User Interface) which did make you miss the detail I explain above?

Thanks!

[JosV9233]

Beda,

Thank you for looking into this.
I made many user roles as this seemed the only way to keep content apart. Every user role can access their special pages and no one else should be able to. I was not sure I could achieve that with users and user groups. I am pretty sure you would be able to do this more 'economic' but this was the only way I could visualise it.

An index page is the central page for a client. There is a special post type to be able to have weekly reports ('name verslagen'). There is a CPT 'begeleidingsplan' to manage all the data of one client plus of course there is the user with more data. Furthermore there is the CPT 'facturen' (invoices) which will show on the index page with a view, as does the 'begeleidingsplan'.

As there will never be more then 25 clients I thought this complicated structure would be manageable.
To make it easy to keep all these data private I decided for the many user roles.

I am sure this can be a lot better and am open to all suggestions. Some time ago I requested a video call which request never got answered. I am eager to learn and really love Toolset and all its possibilities. However it is quite complicated and wrapping my mind around different concepts often is pretty hard. Maybe there should be a Toolset academy ?.

Regards,
Jos

Feel free to change anything you want.

[Beda]

Hi.

As outlined in my last comment, I think I know where the issue is, you can adjust that (set the subscriber as allowed) and it should be solved.

Related to your feedback I thank you for it.
Especially for "I am sure this can be a lot better and am open to all suggestions. Some time ago I requested a video call which request never got answered. I am eager to learn and really love Toolset and all its possibilities. However it is quite complicated and wrapping my mind around different concepts often is pretty hard. Maybe there should be a Toolset academy "

Yes, Toolset Academy is something I think of a lot, and you might like to know that we talk about it as well within the company sometimes.
Maybe one day...

Related to the video call.
This is unexpected and not good.

Please, can you link me with that request if you still have some of it's data or, request a new one and share with me, so I can make sure it gets attended?
You have used this form, right?
https://toolset.com/toolset-support-policy/ask-support-video-call/

[JosV9233]

Hi Beda,

Now I have to run and do other things but I want to answer you quickly. I will follow your suggestion and hope that works.

And as I used the link you show for my request I do not have any data on it. I will file a new request and share it here.

Have a nice day,

Jos

[JosV9233]

Beda,

I thought I understood what you meant. I have set Edit Own Custom User with the Toolset Form "Edit account" to be allowed by subscribers also, but this does not change anything. I still get see image1.

Please enlighten me.

[Beda]

1. Please let me know what user role sees this and provide me a log in of that user in such a role
2. I will try to see what is wrong

Thanks

[Beda]

Well, this works fine.

I logged in and created a new user, dummy_toolset (subscriber)
I set a strong password and opened a new anonymous browser, logged in as that user and visited hidden link
I edited by birthday and submitted.
It works

Please let me know the steps to replicate this issue, and set the users on the site, I do not plan to use existing users, because they may be used actively, am I right?
I also have the duplicate of yours, if you can give me steps, I can try to replicate the issue.

I saw your form is now set to edit ONLY Subscribers and Administrator.
So, OTHER roles will NOT be able to use it.
See your Form, that is where I speak of the settings.
So, this works as expected.

You cannot edit other users with that form even if you set so in Access.
To edit such users, set it in both, as informed previously:
Access AND Forms.

Please let me know if that solves all issues!

🙂

[JosV9233]

Hi Beda,

Thank you very much for your excellent help. This problem is resolved.

Can I set up a video call without an active support ticket, but to understand relationships a little better? I think I could have done a lot better in setting up the structure of this site with better knowledge.

Thank you again!

Regards,
Jos