Disable “create user” (user registration) after donation

Hi @longwhitedigital

It’s a bit of a long answer, here, but the short version is that while there currently *is* a way to disable user creation, that’s going to eventually be going away, so I need to give you a bit of context/explanation.

GiveWP’s primary focus is raising money for your organization, which involves some privacy issues around things like access to the receipt, access to donation history, etc. The last thing we want to do is to expose things like donor address or donation history to unauthorized site visitors.

WordPress itself has a true and battle-tested permissions system (users and user roles) that is best suited for that purpose. At all times, the WordPress user system is aware of the logged-in user, and GiveWP is able to display things conditionally to that particular authenticated user.

GiveWP has a separate system currently for user authentication using email addresses known as “email access” which has served us well over the years, but admittedly does not do as good of a job (especially on sites where caching is involved) with authentication.

It’s a simple matter of scale.

The GiveWP email access system is tested and maintained by a handful of developers. The WordPress user system is tested and maintained by thousands of developers, and deployed in live environments representing billions of active users.

For that reason, we’re eventually (though not immediately) moving away from the email access system toward all donors having user accounts on the site.

Important points:

1. The GiveWP user roles never have additional access to or control over any site data (other than obviously the data pertaining to their OWN donations, and even then it’s read-only.)
2. You as a site admin do not have to tell your donors that they have user accounts on the site. It can be completely hidden from them by disabling the email that is sent with their password reset, and by hiding the admin bar from the top of the page. We’re happy to help with that, and would point you toward some third party plugins to do that hiding of the admin bar.

What you experienced when you changed your admin user to Give Donor user is very intentional, and illustrates my point: once you were just a Give Donor and no longer an admin, you had no control over your site.

Happy to answer any questions, for sure.

Thanks Ben for this swift and very comprehensive reply. All makes sense I think – I will run it past the client before either resolving or returning with any follow-ups on their behalf.

I do remain a bit confused how/why it’s built into the system that an administrator is able to downgrade their account by doing a test donation, and effectively be locked out the site. As I say, thankfully I’m not the sole administrator so another was able to ‘restore’ my profile status but it could leave someone pretty stuck if they are the only one.

Tim

That should not have happened. I misread the initial post there thinking that you manually changed the status to Give Donor from within the settings.

I’ve just tried again to confirm on a test site, and donating while logged in does NOT change the user role, it adds an additional one.

If you are seeing something else, we’ll need a way to replicate that behavior for sure.

I would suspect something awry with a user role plugin or something.

I will look out for it next time.

Meantime could you confirm something else for me. If someone has made a donation once, next time they try to donate (with that email address) it won’t accept it (unless they log in)?