Not a bug I lost the superadministrator condition after upgrade

lms · Sep 11, 2017

When i log in into ACP, and i want to see the administrators permissions, i get a error ("You must be a super administrator to access this page. This can be configured in the Administrators section of the Admin CP."). I can´t access to administrators section and i can't ban users. Into config.php i configured the $config['superAdmins'] = '1,2'; just as it was in XF1 before upgrade (true that was commented on the file at the time of updating).
When i can ban an user, edit permissions, etc. I get this error.

Salud2

Chris D · Sep 11, 2017

lms said:
(true that was commented on the file at the time of updating)

The superAdmins line was commented out of the config during upgrade? If so, that's the problem.

XF 2.0 doesn't actually use superAdmins in the config anymore. You can set an Admin as a Super Admin via the Admin CP.

In the case that there is no super admins configured (because they are commented out) then the Admin with user_id 1 will likely be marked as a Super admin. If that user doesn't exist anymore, then you will need to update the xf_admin table directly.

The undefined index error is a bug, and it has been fixed in beta 2.

You might be able to fix it yourself with this query:

Code:

DELETE FROM xf_permission_entry_content
WHERE permission_value = ''

JordanH · Sep 11, 2017

Chris D said:
XF 2.0 doesn't actually use superAdmins in the config anymore. You can set an Admin as a Super Admin via the Admin CP.

Shame. Kinda liked it that way for better security.

Sandman RSS Feed · Sep 11, 2017

JordanH said:
Shame. Kinda liked it that way for better security.

Yeah, setting it the config file seems way more secure.

Chris D · Sep 11, 2017

That's sort of suggesting that your existing Super Admin accounts are less secure than your config file which absolutely shouldn't be the case.

Sandman RSS Feed · Sep 12, 2017

Chris D said:
That's sort of suggesting that your existing Super Admin accounts are less secure than your config file which absolutely shouldn't be the case.

No, but then any superadmin can set anyone to superadmin, that is not the case via the config file, only those with FTP/root access can.

Chris D · Sep 12, 2017

That is not untrue, but Super admins can already currently add / remove any user as an admin and grant all permissions to other admins.

The risk isn't in how super admins can be set, the risk is in what super admins can do, and that risk hasn't really changed.

Mike Edge · Sep 12, 2017

I liked it in the config file as I could just remove it from the file until the role was required to do something and then add it back in and save.

whynot · Sep 12, 2017

Chris D said:
XF 2.0 doesn't actually use superAdmins in the config anymore. You can set an Admin as a Super Admin via the Admin CP.

Why did you change it ?

JordanH · Sep 12, 2017

Mike Edge said:
I liked it in the config file as I could just remove it from the file until the role was required to do something and then add it back in and save.

Exactly.

Chris D said:
That is not untrue, but Super admins can already currently add / remove any user as an admin and grant all permissions to other admins.

Yes, but if you currently have no super admins, then no more admins can be currently set (Along with no current admin permissions can be changed)

As @Mike Edge stated, I do the same thing. A lot of things a limited to my admins, including me. We have what we need to administrate the forums. Even with 2FA, extra security precautions are nice

God forbid my account ever get breached. They then have total control over the forums. With me only giving myself super admin when needed, it just helps prevents any un wanted actions just a little more.

lms · Sep 12, 2017

Chris D said:
The superAdmins line was commented out of the config during upgrade? If so, that's the problem.

XF 2.0 doesn't actually use superAdmins in the config anymore. You can set an Admin as a Super Admin via the Admin CP.

In the case that there is no super admins configured (because they are commented out) then the Admin with user_id 1 will likely be marked as a Super admin. If that user doesn't exist anymore, then you will need to update the xf_admin table directly.

I'm the ID number 1. I have restored it through the database.

Chris D said:
The undefined index error is a bug, and it has been fixed in beta 2.

You might be able to fix it yourself with this query:

Code:

DELETE FROM xf_permission_entry_content WHERE permission_value = ''

Yes, It's fixed. Thanks.

Salud2

Sandman RSS Feed · Sep 13, 2017

JordanH said:
Shame. Kinda liked it that way for better security.

Mike Edge said:
I liked it in the config file as I could just remove it from the file until the role was required to do something and then add it back in and save.

whynot said:
Why did you change it ?

lms said:
I'm the ID number 1. I have restored it through the database.

Yes, It's fixed. Thanks.

Salud2

Suggestion made, https://xenforo.com/community/threads/set-super-administrators-in-config-file.134088/

Sandman RSS Feed · Sep 13, 2017

Sandman RSS Feed said:
Suggestion made, https://xenforo.com/community/threads/set-super-administrators-in-config-file.134088/

Never mind, within a minute and a half, the suggestion was scrapped.

kick · Sep 13, 2017

Why go back to the old. In 2.0 correctly done

Not a bug I lost the superadministrator condition after upgrade

lms

Well-known member

Chris D

XenForo developer

JordanH

Well-known member

Sandman RSS Feed

Member

Chris D

XenForo developer

Sandman RSS Feed

Member

Chris D

XenForo developer

Mike Edge

Well-known member

whynot

Well-known member

JordanH

Well-known member

lms

Well-known member

Sandman RSS Feed

Member

Sandman RSS Feed

Member

kick

Well-known member

We value your privacy