Cannot Upload Profile Picture without adding all groups to uploaded avatars allowed groups

I have a user who would like to upload a custom profile picture, but it won’t let him. I’ve never seen this issue with any of our other users. He’s in trust level 2, but even trust level 0 is set to allow uploaded profile pictures.

Does anybody know of some other setting I may be overlooking or unaware of? Thanks for any help. Screenshots below.

Screenshot while logged in as user:

Screenshot of admin setting:

image

Screenshot from user details:

image

authorized extensions? Are they allowed to upload images?

2 Likes

We have thousands of users and other people are able to upload images no problem, so I don’t think it has to do with authorized extensions. This user just doesn’t even see an upload option at all.

Have they tried multiple files? My first hunch is file size, either dimensionally or filesize itself.

1 Like

Is there anything special on how that user was created? Do you use DiscourseConnect? discourse connect overrides avatar also prevents users from uploading an avatar.

1 Like

No - They literally have no upload option whatsoever.

We do use DiscourseConnect, but no other user ever has any issues.

Does safe mode change anything?

I’m not seeing any unusual log activity for this user in DiscourseConnect:

[2024-05-30 01:59:26] sso_provider.INFO: parse_request.success {"user_id":169965}

We don’t use WordPress avatars. That is supposed to be controlled entirely within Discourse:

Safe mode has no effect.

Try another browser and/or incognito window.

1 Like

Other browsers do not work. This is definitely a permissions issue. And, the plot thickens because I just tested few other users and it seems to be happening for everybody (except admins from what I can tell).

It only gives the system assigned option.

image

As an admin, I see the other options:

image

Okay, I figured it out. I added every trust level and every possible group a user might be in to the list of allowed groups for uploading profile pictures:

However, previously it was only set to trust_level_0, so anybody with a trust level higher than TL0 was not able to upload profile pictures. The strange thing though is when I look at user profiles, everybody is in this group even if they’ve since been promoted to a higher trust level. Did something change in a recent release? It seems like if you specified TL0 as the required level for uploads that it would automatically grant that same permission to higher trust levels.

trust_level_0 is the default value for uploaded_avatars_allowed_groups.

Everyone is in tl0, as you expected.

WIthout looking at commits, my guess is that there is or, more likely, was, a bug and that an upgrade will fix it.

That is how it’s supposed to work.

You might share your exact commit and maybe look at titles of commits just before ((and maybe after) that.

I edited the subject to maybe get more attention if this is a bug.

4 Likes

Awesome. We’re on version 3.2.1, exact commit here: Commits · discourse/discourse · GitHub

1 Like

Well, I don’t know. You might try upgrading to latest to see if that fixes it.

I don’t see any commits that seem like obvious candidates.

I can’t replicate the problem on one of my sites.

1 Like

I think this may be a group visibility thing perhaps, if it’s stable.

Could you try changing the visibility of your TL0 group to ‘everyone’ in the group settings and see if that has the desired effect? (And reset uploaded_avatars_allowed_groups to just TL0)

3 Likes

I tested on my Stable instance with test user that has TL2. Could not reproduce. My test user has no issues with uploading an Avatar

Discourse Stable 3.2.2

Group settings default I believe

If you set the visibility of the TL0 group to either staff or no one, does the bug occur then?

Thanks, @Firepup650

TL0 group visibility was set to Group owners and moderators. Changing it to Everyone fixes the issue. So, unfortunately we cannot hide the members of trust level and still let people pick their own avatar. That seems strange, since why should one affect the other. Either they’re in the group or not.

Anyways, I’m okay to live with this if need be. At least I know. I’m going to leave the trust level groups hidden since that will open up cans of worms in my community, and just add the other groups so they can still edit their avatar.

1 Like