Validation on required fields with role, that has no access

Question

Validation on required fields with role, that has no access

mathias-heilmann opened this issue 5 years ago · 6 comments

If a field is required and the user has no access rights for this field, the validation will show an error, that an update is required on this field when you try to publish.

Example: User role is "Contributor", while the field has only access for e.g. Administrator will fire this message

ACF User Role Field Setting Version 3.0.1
Advanced Custom Fields PRO Version 5.8.3

Answer 1 · 2019-08-14T11:31:35.000Z

Is this custom validation that you've added for a field? Please provide your validation code.

I'm not sure there is anything that I can do about this and you may have to build added logic into your validation filter to account for when the field is not editable by the user.

Answer 2 · 2019-08-14T13:14:44.000Z

No custom validators, just the regular "required" flag.

The problem can be reproduced as follows:

Create a field group, for example some new meta data for posts
Add a field that is required, but only available for certain roles
Log in with a user role that has no access for the field
Edit a post that uses your new field group
Try to save/publish the post. This should create an error message, that fields need to be checked.

If you remove the required flag from the field and repeat steps 3 to 5 there is no error.

Simply put: If a field is marked as required, it must be filled, even if it is not there.

Answer 3 · 2019-08-14T18:12:19.000Z

So, what I can do is that I can add an acf/load_field filter for all fields and if the user cannot edit a field then set required to false, but it gets more complicated as I'd also have to look at the allow null setting on choice fields as well and the min/max rows on repeaters and flex fields.... there is going to be a lot for me to account for here. Then there is the question of what to do about default values.

This may take a while for me to work out.

Answer 4 · 2019-08-15T07:48:48.000Z

Thank you very much!

Answer 5 · 2019-08-15T11:52:13.000Z

in the mean time you may want to consider not having these fields required. Since not everyone can give them a value then they should not logically be required. You're going to need to code whatever you're using these fields for to account for the fact that they may not have a value anyway.

Answer 6 · 2019-08-16T08:33:27.000Z

In our case: If only Editors has access to this field and want to add additional information to the post (which a Contributer cannot) the Editor has to fill out required fields.