- Issue created by @weseze
I have setup my commerce and commerce_shipping so that only logged in users can shop and place orders.
All users have 1 billing and multiple shipping profiles that are imported and synced from an external CRM.
Users are not allowed to make changes to their profiles.
I have setup permissions so they can not do this.
However commerce_shipping does allow my users to enter new shipping profiles.
They are also allowed to enter new billing profiles, but I'm guessing that has nothing to do with the commerce_shipping module?
I feel like this is a bug since logged in users are not allowed to create/edit/delete any profile entities according to my permissions.
Yet commerce(_shipping) does allow them to do it.
But I can understand that his might be considered a working feature of commerce, rather than a bug.
I can create a workaround by altering the form from the ShippingInformation CheckoutPane and just disabling some fields for normal logged in users in my custom code.
But i feel like this use case should have worked...
So my questions are:
Is this a flow that should be supported? And can fix it by doing some configuration that I missed?
Is it a bug that needs fixing?
Or is this just how commerce(_shipping) works?
Active
2.0
User interface