I have a role setup that is not allowed to edit or add addresses. They are wholesale dealers and the site owner doesn't want them to have this ability.

This works great, when they sign in to their account and look at the address book, they can see the address but not change it.

The problem is when they place a new order, they have the option to choose an address from their address book, or fill in a new one.

I need them not to be able to fill in a new one if they don't have permission to add/edit their own address.

How can I do this? I was thinking of trying to hide the panes for that role, but couldn't figure it out.

That wouldn't work either, because some dealers will have multiple billing/shipping addresses and need to choose from them.

I need them to be able to choose addresses from their address book on checkout, but not enter new details.

Can this be done?

Files: 

Comments

I haven't totally figured this out yet. I also didn't have an answer yet for "Should customers not allowed to manage their address book to fill in new addresses at checkout?"

Leaving the form empty when choosing an address will not be the solution, because in that case Drupal will complain about required fields that are not filled in.

Maybe the address form shouldn't be displayed in the first place?

The best solution I have thought of is if they don't have permission to edit addresses and they go to the checkout page, only the dropdown menu of saved addresses will be displayed and they can select from those, but can't enter new details. Maybe this can be done by hiding the shipping and delivery information forms, that way they are there for Drupal to get the info but can't be edited by the user.

Or...

They choose a saved address using the dropdown, and it autofills the forms, but all the fields are greyed out and uneditable. That way they can see the address is there but can't change it.

What do you think of those solutions? Make sense?

I have thought about it and I think the address form should not be constructed at all on the checkout page. The trick will be here to find out which address the user selects in this case. The key of each option of the address select element is a complete address in JSON-code, so these values can be applied to the address form with javascript. This happens in uc_addresses_select_address(). And if the address form is not shown at all, then the address select element should become required.

This use case actually starts another flow, so we need to think about a clean way to implement this: adding if-else statements here and there can make the code harder to understand and harder to maintain. In this flow, the JSON-code for option keys in the address select element is quite useless, so we probably should not use it in the first place.

Do you want to tackle this issue (and provide a patch)? You may also propose a technical design if you don't want to go too much into the details of the code.

I started to work on this, but I'm still not sure how it should work. For example, should anonymous users without the permission "add/edit own addresses" also not be able to fill in an address at checkout? They usually have no address book, thus that would mean they can't checkout (or checkout without supplying an address). And what about store owners who don't want certain users be able to manage their address book, but still want these users be able to fill in an address at checkout?

So I decided to only start the alternate flow if:
- an user is not anonymous;
- and the user does not have the permission "add/edit own addresses".

In this alternate flow the address form is hidden and an address must be selected from the address book. Customers who don't have the permission "add/edit own addresses" are unable to fill in an address at checkout, they must choose an address from the address book. When they have no addresses, they can't specify an address at checkout.

Attached is a patch, but I don't think it's the right version of it. Nor did I test it intensively. The patch will make the automated test "Cart and Checkout" fail.

Hi, MegaChriz,

Here's my thinking on this: When store owners want to control their customer's addresses, they can't allow anonymous checkout. It makes little sense if they do. Nor can they allow customers to self-register. The store owner must create the account and a customer must be logged in to place an order.

Therefore, the case where an anonymous user reaches checkout but has no add/edit permission is a misconfiguration error. About the best you can do is to prevent the customer from placing an order. It doesn't matter how you do this—since the store is not created properly, this configuration should never reach production and the error messages should be targeted to the system builder.

It's equally a configuration error for a user to be required to enter an address during registration, but not have add/edit permissions.

Finally, it's also an error for the store owner to create a user without also creating an address. This is a bit tougher problem to deal with since it's not a configuration problem, it is an operational problem (it concerns the day-to-day operation of the store). The error messages in this case should be a little friendlier to the customer, but you still can't allow them to proceed through checkout.

And what about store owners who don't want certain users be able to manage their address book, but still want these users be able to fill in an address at checkout?

I don't remember clearly, but I think checkout addresses are always added to the address book (unless they are already there). If so, then customers without add/edit permission cannot proceed through checkout.

At one point, I considered adding a checkbox that said "Add this address to your address book". The idea would be to give the user more control over what went in to the address book. I never implemented this. If you ever add this feature, then theoretically a customer without add/edit permissions could still enter any address during checkout as long as they didn't check the checkbox. This would not be good news for people who want to limit and control the addresses that their customers used.

If someone actually wanted to block address book management but allow address entry at checkout, you would need to supply an option that prevents the entered addresses from being saved and then you would need to add another permission to control whether this non-saved address entry is allowed or not. I don't think this feature is really needed, so I'd recommend sticking with auto-saved checkout addresses until someone presents a good case for the feature.