The user can see the attachment icon on the form. But when the user tries to upload a file, it doesn't attach. The attachment just disappears.
The user cannot attach a file when there is not CREATE and READ ACL in place that satisfies the User roles.
1)As a first step, enable the Security Rules Debugging and look for failing ACLs in sys_attachment table.
2)If there are failing ACLs while debugging, open and verify why they are failing.
3)If not, navigate to Access Control(ACL) from nav bar and search for ACLs on sys_attachment table. Verify if there are any ACLs that matches the user roles.
4)If there are no ACLs for the user, create READ and CREATE ACLs that matches the user role.
4)Now verify if the user can attach the files in the form.
5)Under script section of the ACL, write a script in order to prevent/provide access based on the business needs for that user(ex:user can access only the attachments that he attached or can attach the files to only the records that he created.)