Subscribers Can’t Access Edit Form After Update

Until the author can fix how permissions work, I have a solution for those who do not mind manually adding some code.

Copy the following code into main > frontend > forms > classes > permissions.php

Paste it right after public function conditions_logic( $settings, $type = 'form' ) { pretty close to the beginning of the file.

    // Early check for specific roles (Administrator, Editor, Author, Subscriber)
    $active_user = wp_get_current_user();
    $allowed_roles = ['administrator', 'editor', 'author', 'subscriber'];

    if ( array_intersect( $allowed_roles, (array) $active_user->roles ) ) {
        // Allow Administrators and Editors without additional conditions
        if ( in_array( 'administrator', $active_user->roles ) || in_array( 'editor', $active_user->roles ) ) {
            $settings['display'] = true;
            return $settings;
        }

        // Author and Subscriber-specific condition
        if ( in_array( 'author', $active_user->roles ) || in_array( 'subscriber', $active_user->roles ) ) {
            // Check if post_id exists in the URL
            if ( isset( $_GET['post_id'] ) && is_numeric( $_GET['post_id'] ) ) {
                $post_id = intval( $_GET['post_id'] );

                // Verify if the current user is the post's author
                $post = get_post( $post_id );
                if ( $post && $post->post_author == $active_user->ID ) {
                    $settings['display'] = true;
                    return $settings;
                }
            }
        }
    }

    // Original logic follows if the role check fails

Any permission settings for your form(s) will no longer work. This is a harsh override which says: If admin, editor, or author/subscriber who created the post, show the form. The original logic stays as-is after that which just isn’t working right now.

@wilcosky

I have still not been able to reproduce this error. However, I came upon another bug that perhaps is related. Tell me, are you using the “post to edit” field? If so, then try removing it temporarily to test if that is the cause.

Hi @shabti ,

What’s the post to edit field? I don’t think I’m using that.

This issue persists with the latest version. To try and reproduce you can create a basic posting form and put it on a page using the shortcode. Set visibility settings so that admins and authors can view the form. Under settings set up the post tab so that it’s for editing posts. I don’t know about the other users in this thread, but I am using this to edit posts, not submit new posts. Create a post as a regular author. Then try to load the editing form as a regular author.

What may be confusing me and others is the fact that where you create/edit the form in the back end there are the visibility settings on the right and then below that you have the Settings with a permissions tab. Why are there visibility settings plus permission settings? Are these conflicting? It might help in a future version of this plugin to simplify permissions and make it so that you set the permissions in one place for each form instead of having visibility and permissions.

@shabti I figured out that the issue was what I was explaining above about the fact that there are the permissions to the right side where you edit the form. But, even if you give other users the proper view permission there, you still have to ensure you also give them the same permissions below the form fields in the actual permissions settings within the rules. By default only the admin can use the form (there is an “administrator” rule). You have to edit that or set up a new rule.

So, it’s not that permissions don’t work, but it’s a little confusing.