Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By michaeltt on
I am not sure if this is a bug or a fault in my setup. I have set up user profiles with additional fields. In permissions, authorised users are able to access user profiles. I also have the revisions module with authorised users permittted to use because we have a site wiki where authorised users can edit and see revisions.
The problem is that users can edit other user profiles, including their passwords. If I disable profile access, then re-anable, this capacity to edit them goes away, but somehow it reappears (? with the overnight cron run - it is the only thing I can think of that changes). I wonder if it may be something to do with caching.
I want users to be able to read other user profiles, but clearly not to be able to edit any but their own. There don't seem to be permissions for read only, but edit own - just access profiles.
Any ideas?
Comments
Go to permissions and check
Go to permissions and check under: User Module and make sure "Administer Users" is unchecked for authenticated users (or what your particular member title is). Then (still in permissions) look under Node Module and make sure "Edit any profile content" is unchecked.
Try those and see if that helps. If not, we'll go another route.
Good luck!
Chris
www.theparanormalsociety.org
Node Module
Chris - thanks for your comments.
Administer users is unchecked, but in the Node module there are no entries for profile content. Neither is there any entry for profile in the content types. I manage the profiles through Administer-> User Management -> Profiles. It would solve this problem if the profiles were recognised as a node content type.
Michael