Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restricting Subscriber user (self-hosted) access to the app #14455

Open
reginabally opened this issue Apr 14, 2021 · 3 comments
Open

Restricting Subscriber user (self-hosted) access to the app #14455

reginabally opened this issue Apr 14, 2021 · 3 comments
Labels
[Pri] Low [Type] Bug User Feedback Users need something added or fixed

Comments

@reginabally
Copy link

reginabally commented Apr 14, 2021
edited
Loading

It was reported in 3864798-zd-woothemes that a Subscriber user on a self-hosted WordPress site was able to access the Blog Posts menu in the app and create a post. The post wasn't able to be uploaded to the site but it'll be saved in the app locally.

Expected behavior

I would expect the Subscriber user will not be able to log in to the app since they're not able to manage the site.

Actual behavior

The Subscriber user is able to log in to the app, access the Blog Posts menu, and create a post. Though the post will not get uploaded to the site, I'm able to view the comments published on the site through My Site > Comments.

Steps to reproduce the behavior

  1. Create a Subscriber user on a self-hosted WordPress site
  2. Log in as the Subscriber user to the app with the "Enter your existing site address" login option
  3. Once logged in, the user will see Stats, Blog Posts, Media, Comments, Settings, View Site, and View Admin options.
  4. Tap the floating button to create a new blog post.
  5. Tapping the "PUBLISH" button to upload the post, an error will occur and says the post can't be uploaded.
  6. Go to My Site > Comment will see the list of comments published on the site.

Screenshot_2021-04-14-13-54-39-98_1cdbe7dded7ec259ed1024b4ff1ae8db

Tested on OPPO Reno 4, Android 11, WPAndroid 17.1-rc-2
@thehenrybyrd
Copy link
Contributor

Thanks for reporting @reginabally!
I was able to reproduce this and see the same areas you can:

Screenshot_20210414-132137_WordPress
Screenshot_20210414-132242_WordPress

I also found I could trash a comment. It looks successful in the app, but doesn't effect things on the site itself.

Tested on: Samsung Galaxy S21, Android 11, WPAndroid 17.1-rc-1

@thehenrybyrd thehenrybyrd mentioned this issue Apr 14, 2021
Open
@stale
Copy link

stale bot commented Apr 16, 2022

This issue has been marked as stale because:

  • It has been inactive for the past year.
  • It isn't in a project or a milestone.
  • It hasn’t been labeled [Pri] Blocker, [Pri] High, or good first issue.

Please comment with an update if you believe this issue is still valid or if it can be closed. This issue will also be reviewed for validity and priority during regularly scheduled triage sessions.

@stale stale bot added the [Status] Stale label Apr 16, 2022
@stale stale bot removed the [Status] Stale label Apr 18, 2022
@jkmassel jkmassel added User Feedback Users need something added or fixed and removed User Expectations labels Jul 3, 2024
@dangermattic
Copy link
Collaborator

Thanks for reporting! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
[Pri] Low [Type] Bug User Feedback Users need something added or fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jkmassel @thehenrybyrd @reginabally @dangermattic