Allow uploaded avatars by trust level not working?

Continuing the discussion from 2.8.0.beta5: PM Improvements, Unseen View, Allow Uploaded Avatar by Trust Level, and more:

Despite this setting
grafik

I’m seeing new users with TL0 adding their own Avatar pictures.

My understanding is that due to the above setting, only TL1 and above should be able to add their own Avatar pictures. Is my understanding correct?

If yes, what could lead to TL0 being able to add avatar pictures?

I’ve just had a little go on my test site (allow uploaded avatars: TL1, with a TL0 Test_User) and I get this ‘reduced options’ version of the screen when I try and change my avatar:

Do you have any social sign-ups, or SSO on your site? Maybe they could be auto-filling the profile picture on sign-up? (I’m speculating, as I don’t have much experience with those :slightly_smiling_face:)

1 Like

Just tried myself with a testuser which switched from TL1 → TL0 → TL1: Yes, I observe the same as you, TL0 can not upload own avatar picture, but TL1 can.

only github, but I see TL0 users with and without github under “Associated accounts” with own avatar pictures, therefore thinking it is not related to the github login.

Additional observation: I even see new users with unverified email (and with no “Associated accounts” entry) having their own avatar pictures.

If a user hasn’t even verified his emailadress, how can he have his own avatar picture?

Could it be the automatically download gravatars setting?

I’ve just tested, and that automatically gives an unactivated TL0 their gravatar image, even with allow uploaded avatars set to TL1.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.