New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow configuration of fields during register #16333
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could be considered a breaking change, since users who have modified their user schema may be expecting those additional fields to be set on register.
I think it would be acceptable in this case though if we hold this until the next minor release and add a note in the release log about it so anyone doing so can add this setting.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Before merging, we need to have documentation written and then we need to put a "breaking change" in the patch notes instructing anyone with custom user fields they expect to be set on registration to be added to the config.
But I think the breaking change is worth it in this case, it only breaks code for users who are relying on a vulnerability in their code. We need to wait for at least a minor version though, not the next patch version.
Documentation has been written We need to link to it when we released and flag the breaking change in 4.11 |
We can make the breaking change for v5. In the meantime we can make the omit configurable so users can still make this better without a breaking change |
Hello! It says this breaking change is already introduced in 4.11.0 but this PR is still open. I think it is confusing for people to upgrade to 4.11.0 because custom fields still work on registration in 4.11.0 without the suggested configuration changes. Best, Nico |
You're right, I'll make sure the documentation gets reverted, thank you for pointing that out! @pwizla As far as how to proceed, here is what we've decided to do, which will require updating this PR:
|
This pull request has been mentioned on Strapi Community Forum. There might be relevant details there: https://forum.strapi.io/t/new-content-type-fields-for-users-permissions-user-arent-preserved/29604/4 |
What it does
Modifies users-permissions to pick fields from registration body instead of omitting them and allows for plugin configuration to let users select what fields are allowed during the registration phase.
How to test
Configure the plugin like the following:
This should allow you to specify the role ID during the registration phase (not that I'd recommend that personally)
Documentation PR