Hi all. I am trying to achieve a feature where a user is allowed to change ONLY his/her own name. If I check off the “Update user” under Permissions" and the “Account/Roles” section on the group the user is registered under, it works. However, that will also give the same user the capability to change any other user. How to achieve this without elevating this users rights?
I am doing this without using any service.
Any feedback is appreciated 
Øystein
Hi!
Have you tried using conditional permissions?
More info here:
Hi Emma and thank you for this. Its possible that I am missing something here, but the user object does not seem to be available in the “Object Classes” permissions?
Øystein
Note that a user can update their own name without any additional permissions. From the documentation:
A user does not require any special permissions to update their own first name, last name and phone number.
To update another user, the user requires the permission Update User. In addition, the user needs permission to update a user in each role that they are assigned under Update User in Role.
Hi Aaron and thank you for the reply. Attaching a few more details here:
This is the action performed:
Here are the log from the browser when testing it:
Please advice on how to correct the problem
Øystein
Hi again!
To solve this case the user will need a role with the “Update User” permission granted. This will allow them to update their own user account, but alone won’t let them update other user accounts. For a role to be able to update other user accounts, it also needs the permission “Update User in Role [Role Name]“. So the fear of a user being able to edit other users is only relevant if their role also has the extra permission to update users in a given role.
Hope this helps!
Hi again Emma and thank you for the reply. That clarify things. Thank you
Øystein
