Issue with permissions and roles
I recently upgraded to Vanilla 2.1.3 from 22.214.171.124. The upgrade went quite smoothly (thanks to the Vanilla team).
However, I noticed that after upgrade, bots were able to come and post URLs in their profiles, and those would show up in the Activity stream. I remember having turned this permission off explicitly in the settings in 2.0.18x. So, it seems that the permissions got changed after the upgrade. While I was investigating into it, I noticed a few issues, which I would like to get help on.
My registration option is set to Approval, and it requires users to confirm their email address. Email Confirmation Role is set to Applicant.
I registered myself with a test account. I confirmed my email address successfully. However, in the Dashboard, I see that the Role is set to "Not Verified, Member". Why is the role set to Not Verified after I've successfully verified the email address?
The "Not Verified" role is actually a link. If I click on it, it toggles between Not Verified / Verified, but it doesn't seem to make any difference. What is the purpose of having it as a link?
If I approve a user before the user has verified the email, then the email verification link becomes invalid. Is it possible to configure it such that the admin gets the user application only after the user has verified the email link?
In Roles and Permissions, I have 6 roles - Guest, Applicant, Member, Moderator, Administrator, Confirm Email. I'm not sure which ones are default (come out of the box with Vanilla(, and which ones were added by me. I would like to use the out of the box roles and delete the ones that I added. Which roles come out of the box?
In the Email Confirmation Role drop down, I see only 4 roles. Why do I not see all 6? I don't see Guest and Confirm Email. Ideally, I think it should be set to Confirm Email role. What do I need to see all roles in the Email Confirmation Role drop down list?
I'll appreciate any help on these issues.