Jump to content
ragnarokkr

Weird permissions issue after upgrading to latest dev release (Dev 2.6.22 rc 1)

Recommended Posts

Hi all!

I hope somebody could help me to figure out this weird issue I've found.

Few days ago I've upgraded my local installation to the latest dev release (2.6.20 -> 2.6.22 rc1) and performed some tests to be sure everything was working as expected. No problem at all.

After these tests, I decided to do the upgrade to the remote installation, too. Here the problems came.

The upgrade was done without any issue or error message. Everything was ok, but permissions don't work as expected.

I've an author role with limited editing permissions (page-add/create for children pages, and page-edit-created) that works as expected on local installation, but doesn't works at all on remote installation. Only page-view permission is still available for some pages. Some pages expected to be editable, now don't have any permission available (neither the page-view permission), even whether I remove any kind of access control, PW still complains that the role hasn't the required permission for adding or editing.  :'(

Any help is really welcome. Thx!

Share this post


Link to post
Share on other sites

Hi ragnarokkr,

have you added standard page-publish permission? If yes, try to delete that.

I have a similar issue for my translators.

Share this post


Link to post
Share on other sites

Hi maba,

page-publish was not set for this role. Unfortunately, adding (and then removing) this permission doesn't change the result.  :(

If I remove the page-edit permission, PW makes me login and nothing else (as it correctly should be) but when enable the page-edit permission again, the same issue happens.

Share this post


Link to post
Share on other sites

@ryan I've checked my both installations. The local one has not the page-publish permission. The remote one has it.

I did remove the permission from the remote one and nothing changed. Still have not the permission to edit and add pages for user author. 

The local one works as expected, instead (without page-publish permission installed).

It seems PW doesn't see the changes in user's permission, but enabling/disabling page-edit permission.

Share this post


Link to post
Share on other sites

I think I've found where the problem was.

Since I've installed Language Support on remote installation (which wasn't installed on local one), I've to enable page-edit-lang-* together the page-edit-created permission.

I'll further investigate into role's and page's permissions to see if I've messed with some setting.

@maba @ryan thanks a lot for the replies. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Ivan Gretsky
      Most of us know and use site/config-dev.php file. If present, it is used instead of site/config.php, so it is easy to set database connection and debug mode for local development, not touching the production config. It is also very useful when working with git. You can simply ignore it in the .gitignore file, so local settings won’t end up in the repo.
      But sometimes you need to add code to site/ready.php or site/init.php just for the dev environment. For example, to add ryan’s super cool on demand images mirrorer. I can’t live without it when working with big sites, which have more assets then I want to download to my desktop.
      It would be great if there was something like site/ready-dev.php for this. Not out-of-the-box, but it’s pretty easy to achieve. Unlike site/config-dev.php, site/ready.php is not hardcoded. It’s name is set with a special config setting:
      // wire/config.php $config->statusFiles = array( 'boot' => '', 'initBefore' => '', 'init' => 'init.php', 'readyBefore' => '', 'ready' => 'ready.php', 'readySite' => '', 'readyAdmin' => '', 'render' => '', 'download' => '', 'finished' => 'finished.php', 'failed' => '', ); As you can see, we can not only define, which files are loaded on init, ready and finished runtime states, but probably even add more if we need to.
      So we override this setting in site/config-dev.php like this:
      // site/config-dev.php // Change ready.php to ready-dev.php $temp = $config->statusFiles; $temp['ready'] = 'ready-dev.php'; $config->statusFiles = $temp; For some reason we can’t just do
      $config->statusFiles['ready'] = 'ready-dev.php'; and have to override the whole array. Maybe you PHP gurus can explain this in the comments.
      Now we can create the site/ready-dev.php file and place all the dev-only code there. Important thing is to include the main site/ready.php.
      // site/ready-dev.php include 'ready.php'; // DEV HOOK TO MIRROR ASSETS ON DEMAND $wire->addHookAfter('Pagefile::url, Pagefile::filename', function($event) { $config = $event->wire('config'); $file = $event->return; if($event->method == 'url') { // convert url to disk path $file = $config->paths->root . substr($file, strlen($config->urls->root)); } if(!file_exists($file)) { // download file from source if it doesn't exist here $src = 'https://mysite.com/site/assets/files/'; $url = str_replace($config->paths->files, $src, $file); $http = new WireHttp(); try { $http->download($url, $file); } catch (\Exception $e) { bd($file, "Missing file"); } } }); Do not forget to replace "mysite.com" if you’re copypasting this))
      Now, add the newly created file to the `.gitignore` and we’re done.
       
      # .gitignore # Ignore dev files site/config-dev.php site/ready-dev.php Thanks for reading!
       
    • By snck
      Hey,
      I want my editors to be able to use the page lister, especially the bookmarks. I added the page-lister permission to the editor role, but Page lister ("Find" menu item) does not show. Is there anything else I have to do? Links to bookmarks work for the editors, but I would be glad to show them the menu item as well.
      Maybe this has something to do with the long history of the site (started with ProcessWire 2.4 and upgraded to 3.0.148 over the years)?
      Thanks,
      Flo 
    • By snck
      Hello,
      for a project I have pages with different “content areas“ that can be edited only by specific user roles. In the past I setup a fieldset (tab) containing all the fields that should be available to only one specific group of users and set the fields' view and edit permissions (in the Access tab) accordingly. The result was as expected: Users assigned to the specific role could see the tab, click on it, edit content, users without the role could not see the tab. After updating this installation to 3.0.148 yesterday I wanted to setup another tab following the same principle, but I have no "Access" tab for the fieldset to limit access to the specific role. I even tried cloning an existing (and still working) fieldset. The existing fieldset has some template overrides (screenshot attached) that lead to the desired behaviour, but I am not able to reproduce these settings because there is not "Access" tab for my fieldset in template context either.
      Is this a bug in 3.0.148? Has the fieldset fieldtype changed? Am I missing anything here?
      I am glad to hear from you guys.
      Cheers,
      Flo

    • By fruid
      Hi,
      this is the first time I'm using ProcessWire.
      I thought I get how fields, template and pages work, but when I create a template in the CMS, it doesn't generate any file in site/templates/
      Then I thought I might need to create a blank file myself manually on the FTP (which already seems odd to me).
      Once I did that, I tried to add fields to the template but again, doesn't write to the php file.
      When I create a new page and apply said template to it, the page stay blank.
      AFAIK the mod_rewrite of the apache is on and I went for the worst case scenario described here https://processwire.com/docs/security/file-permissions/ and set all file-permissions for future files to 0666 and folders to 0777 in the config.php
      What am I not getting and what am I doing wrong?
      Help is appreciated, stay save everybody,
      Fred
    • By MarkE
      Having just wasted the best part of a day debugging an access issue because I hadn't realised that page-edit-created negated any related page-edit permissions, could I suggest that a note to this effect is included in the default title. I have amended the title on my system to read:
      Edit only pages user has created (IMPORTANT: This will negate any related page-edit permission - including permissions granted to a user by other roles) ..although it may be possible to make it briefer while not losing clarity and impact.
×
×
  • Create New...