Accessing custom user variables

Hi there,

I'm trying to add a custom field variable when creating a new user and access it via grav.user object, but it shows up empty.
I'm able to add the variable to new user creation form via blueprints/user/account.yaml with
userplan:
type: text
size: large
label: Plan

and it does show up in the respective user.yaml file as userplan: 'XXX' but when I try to add it to pages via grav.user.userplan it only shows an empty string. I feel like I'm missing a step - would someone be very kind to assist? Many Thanks!

Marco

@pamtbaau thank you very much for your swift reply - the solution worked perfectly. I'm still a bit unclear on why it worked though - without the dump I'm able to access other logged-in user variables like grav.user.fullname or grav.user.title, the only ones that are not accessible are the custom ones I've added. Why is that?

@markic Are you sure? I cannot reproduce that behaviour. When not logged in, I do get a 'user' object showing the definition of the 'account.yaml' and default values are shown, but no sensitive data belonging to a real user account.

Custom data fields are also shown in both case, but does not contain data when not logged in.

Would you mind checking again? It might be a vulnerability if you can reproduce.

Okay so it turns out I had to log out and log back in for custom user fields to show. Previously I tried clearing cache which didn't have any effect.

In regards to your question - private information does not show if user is not logged in so I don't think there is a vulnerability.

Thanks for your help - question answered and I have a better understanding of Grav's innards now.