Reader role is able to do a submission.
I want to check if this is correct behavior? Also I want to know when I can read about roles and authorization and if we can somehow change it in our system, because if Reader role can do a submission by default we want to prevent that.
I found an old discussion, not sure what is the currently status:
Steps I took leading up to the issue
For example:
Register as reader. Validate your email. User is enable and marked as a reader
Login into the journal
Go to the dashboard
Click in Back to New Submission
Fulfill the form to Submit
Save and the submission was perfomend
What application are you using?
OJS: 3.3.0.16
OS platform: Linux
PHP version: 8.1.28
Apache version: Apache
Database driver: mysql
Database server version: 5.5.68-MariaDB
It’s intentional, as the linked thread says. We used to require users to have an Author role in order to submit something. it was necessary to go to your profile and self-register as an Author before you’d be able to find a “create a new submission” button.
However, existing readers of the journal who later wanted to make submissions got lost and confused. It wasn’t clear they had to self-register as Authors first. So we removed the restriction.