How to prevent Administrator Role to use the user information update form?

Hi,

I’m using the User-registration form and when I use the “update” form with my admin account, when I click on submit, my account is turned into a user based role…

How to protect the admin users from the update user form ?

Thanks for your help !

Hi Sebatien. If you are logged in as administrator and submit a form with an Update User feed, your user is the one that will be updated. If you want to change the user that is updated when submitting and Update User form, you can override the user ID with the gform_user_registration_update_user_id filter.

See example 1 here:

Thank Chris for your answer.

The idea is “just” to prevent a admin account to use the form…
I don’t want to change another user information…

When I do my test with a regular user account, there is no problem, but we are multiple admin users who are working on the same web site…

And if an admin account try to use the form, he’s account are turned to a regular user after the validation of the form…

I have added some conditional stuff (if the email @ is the email of an admin account) but it seems not working as espected…

You can create a custom user meta merge tag and then you can hide the submit button using the merge tag.

If you prefer a snippet, Gravity Wiz created one.

You can add the snippet below to your functions.php file then use user_role in any fields you want to hide when an admin is viewing the form. Just check the enable field to be populated dynamically option.

/**
* Dynamically Populating User Role
* http://gravitywiz.com/2012/04/30/dynamically-populating-user-role/
*/
add_filter('gform_field_value_user_role', 'gform_populate_user_role');
function gform_populate_user_role($value){
 $user = wp_get_current_user();
 $role = $user->roles;
 return reset($role);
}

Here’s a link for more info:

Thanks Gravity Bot !

Unfortunately, the PHP code provided broke the website… Also, I can’t add the dynamic change for user role, maybe because it’s managed by the user registration it self… :confused:

It must be possible to keep the role of the user when he try to edit he’s account…

I have maybe a idea…

add_action( 'gform_user_updated', 'change_role', 10, 4 );
function change_role( $user_id, $feed, $entry, $user_pass ) {
    // Run only for form id 2
    if ( rgar( $entry, 'form_id' ) != 2 ) {
        return;
     }
    $email = rgar( $entry, '3' ); // ID of the email field
    $admin_emails = [ 'xxx@yyy.fr', 'www@yyy.fr', 'zzz@yyy.fr']; 

if( in_array($email, $admin_emails) && current_user_can( 'administrator' ) ):
 
        $user_obj = new WP_User( $user_id );
        $user_obj->set_role( 'administrator' );

    endif;
    }
}

Before testing… If you have any advice… There’re welcome :wink:

Edit : that works almost …

The ‘administrator’ role are added, but i have also the ‘subscriber’ role… :confused:

Without a solution working properly… I have switched to another idea…

With CSS, I hide the form for Administrator and show a message…

Sometimes, the easiest way is the way to go :slight_smile:

1 Like