[SOLVED(ish)] priviledges redirecting users from template wrong

[benbyf]

HELLO! having user Role issues.

I've got a Role:  members and a template that is set to only allow view of Members and to redirect anyone else to / but id redircts Member users still currently, and only alows people to view the page if the template is set to view on the guest role also.

Any help would be appreciated. I'm running  ProcessWire 3.0.62

[benbyf]

Update: Seems to work fine on dev site and not on live. could there be some strange server differences happening?!

[cstevensjr]

3 minutes ago, benbyf said:

Update: Seems to work fine on dev site and not on live. could there be some strange server differences happening?!

Make sure your online host is not blocking or restricting anything. 

[benbyf]

how? its a shared host, so god knows.

[cstevensjr]

9 minutes ago, benbyf said:

how? its a shared host, so god knows.

I've dealt in the past with a web host who enabled some ModSecurity or Custom settings that were geared towards protecting WordPress installations.  This affected some of my clients PW sites on shared hosting.  Once I sent a message to the web host, letting them know these weren't WP sites and that their changes were impacting the PW sites, they relented and removed the WP-specific host settings.

[benbyf]

Thinking im starting to lose it. could there be a bug in PW 3.0.62? still cant seem to get this to work with the template view permissions set to guest no-view and member role can view

if($session->login($username, $pass)){
	$session->redirect($pages->get("/events/")->url);
}

 

[BitPoet]

Are you logged in at all after the call to login (perhaps output your user name somewhere on the home page)? Are there any noticeable differences in the raw responses, especially the cookie headers (either in the login call or the redirect)?

[benbyf]

9 hours ago, BitPoet said:

Are you logged in at all after the call to login (perhaps output your user name somewhere on the home page)? Are there any noticeable differences in the raw responses, especially the cookie headers (either in the login call or the redirect)?

Sorry, hows the best way to do this?

[BitPoet]

Just perform the login while you have the developer console (F12) open, once on the dev site, once on live, and compare response headers line by line. See if something is missing or different on the live server.

[benbyf]

no dice. Same headers, same server, same version of PW (latest stable), same permissions as far as i can see and same roles but one site wont let that the members user access a template :/ grr

[benbyf]

So no idea what happened here in the end, I solved the issue by deleting the Role, adding the role again and assigning the template as viewable. This solved it by I have no idea why (I guess there must have been a setting somewhere that was conflicting).