Users can't edit their account type

[dave0]

Originally filed by trawna.com on 2009-05-04T16:17:12

The "edit account" page gives users the option to change their account type ("class" in the database), but the perform function doesn't save any changes made, because person_permissions doesn't include "class" in the self_edit_fields. Just adding it to that list isn't a good fix, because people could hack the form submission to make themselves an admin.

Easiest fix would be to simply eliminate Account Type field from the edit account page, but it seems like something that was desirable at some point.

[dave0]

Updated by dave0000 on 2009-05-04T16:33:12

Yet another legacy pain-in-the-ass from OCUA :)

It exists so that OCUA can create non-player accounts that can log in to the site and access our forums, but can't be placed on a roster. This is so we can give parents and other non-playing members of the Ottawa ultimate community, and interested out-of-town parties (CUPA and ODSA execs, etc) access to discussions without having to inflate our "active player" numbers or worry about properly vetting their contact information.

I'm not sure how many people have ever needed to go from "visitor" to "player", though, so it may not be useful to allow self-editing.

[dave0]

Updated by trawna.com on 2009-05-04T16:40:32

It actually does seem to work going from visitor to player, it's from player to visitor that doesn't work. Not sure about volunteer to player. I only stumbled across it because we seem to have some "visitors" in our database (really not sure how), and it lets them register for membership but then they can't be added to a team. I logged into the test server as a regular player and tried to downgrade to visitor to test my fix, but it didn't save the change. Probably a pretty rare situation, we should maybe mark it as "not to be fixed"?