responseRedirect causing 404

[Arty]

I'm using the following code in controller to redirect to account upgrade page:

    return $this->responseRedirect(
       XenForo_ControllerResponse_Redirect::SUCCESS,
       XenForo_Link::buildPublicLink('account/upgrades')
     );

It correctly redirects to account/upgrades, but instead of account upgrades page I see this error:

You do not have permission to view this page or perform this action.

URL is correct, simply refreshing page in browser shows correct content.

Any ideas why I'm getting error message?

 

[Daniel Hood]

I'm honestly not sure, I just created an action in one of my addons

public function actionTesting()
        {
            return $this->responseRedirect(
                XenForo_ControllerResponse_Redirect::SUCCESS,
                XenForo_Link::buildPublicLink('account/upgrades')
            );
        }

and it worked just fine. That's odd. Could you provide more information, like are you trying to do this with ajax? Do you have other addons installed that effect the user upgrade page?

 

[Chris D]

I have the same experience as Daniel.

This suggests something custom is causing the issue.

I have just looked at the Account controller, and specifically its _preDispatch and actionUpgrades functions and neither of which have any code which would throw the error you provided.

 

[Arty]

Here is a small variation of function that is as small as possible and doesn't rely on input:

  public function actionTest()
   {
     $userId = XenForo_Visitor::getUserId();

     $upgradeModel = $this->getModelFromCache('XenForo_Model_UserUpgrade');
     $activeUpgrades = $upgradeModel->getActiveUserUpgradeRecordsForUser($userId);
     if (empty($activeUpgrades))
     {
       return $this->responseError(new XenForo_Phrase('requested_user_upgrade_not_found'), 404);
     }
     $upgradeModel->downgradeUserUpgrade(array_pop($activeUpgrades));

     return $this->responseRedirect(
       XenForo_ControllerResponse_Redirect::SUCCESS,
       XenForo_Link::buildPublicLink('account/upgrades')
     );
   }

Its inside class that extends XenForo_ControllerPublic_Account.
Add that to that class and run /account/test
Before running it add one active account upgrade to user.

 

[Daniel Hood]

Alright. That did indeed error for me. I'm not entirely sure but I do know it's because of this line:

$upgradeModel->downgradeUserUpgrade(array_pop($activeUpgrades));

commenting that line out handles the redirect fine.

 

[Chris D]

It doesn't error for me.

And still I can't find anything in the process that would return a permission error.

Alright. That did indeed error for me. I'm not entirely sure but I do know it's because of this line:

$upgradeModel->downgradeUserUpgrade(array_pop($activeUpgrades));

commenting that line out handles the redirect fine.

What's the specific error message you get?

 

[Daniel Hood]

@Chris Deeming try copying this directly into /library/XenForo/ControllerPublic/Account.php (to save the trouble of making an add-on and everything)

public function actionTest()
        {
            $userId = XenForo_Visitor::getUserId();

            $upgradeModel = $this->getModelFromCache('XenForo_Model_UserUpgrade');
            $activeUpgrades = $upgradeModel->getActiveUserUpgradeRecordsForUser($userId);
           
            if (empty($activeUpgrades))
            {
            return $this->responseError(new XenForo_Phrase('requested_user_upgrade_not_found'), 404);
            }
            #$upgradeModel->downgradeUserUpgrade(array_pop($activeUpgrades));

            return $this->responseRedirect(
            XenForo_ControllerResponse_Redirect::SUCCESS,
            XenForo_Link::buildPublicLink('account')
            );
        }

I was testing and noticed you can't redirect to account either afterwards (commenting out $upgradeModel..... allows it to work though).

 

[Chris D]

What's the specific error message you get?

I've got the code set up and it works fine.

 

[Daniel Hood]

It's a permission error. "You do not have permission to view this page or perform this action." It's like

protected function _preDispatch($action)
    {
        $this->_assertRegistrationRequired();
    }

is returning false.

[edit] nevermind,that would produce a login box.

 

[Arty]

Yes, same error message for me. It appears if function downgradeUserUpgrade() is executed.

 

[Daniel Hood]

What's the specific error message you get?

I've got the code set up and it works fine.

Do you have additional account upgrades assigned to the account you're testing with?

 

[Daniel Hood]

Yes, same error message for me. It appears if function downgradeUserUpgrade() is executed.

Yeah, it definitely removes the upgrade.

 

[Chris D]

I've tried it with only one account upgrade that isn't awarded and predictably I get the "The requested user account upgrade could not be found." error.

I've tried it with only one account upgrade that IS awarded and it works fine and the upgrade is removed.

I've tried it with two account upgrades and only one awarded and it works fine and that upgrade is removed.

I've tried it with two account upgrades and both awarded and again, it works fine and one account upgrade is removed and running it again removes the other. No errors.

I've tried it with all my add-ons enabled. It works fine. I've tried it with all my add-ons disabled. It works fine.

I've done it so many times now It's working fine.

Is there anything common between the way you both have things set up? Similar add-ons?

 

[Daniel Hood]

I've tried it with only one account upgrade that isn't awarded and predictably I get the "The requested user account upgrade could not be found." error.

I've tried it with only one account upgrade that IS awarded and it works fine and the upgrade is removed.

I've tried it with two account upgrades and only one awarded and it works fine and that upgrade is removed.

I've tried it with two account upgrades and both awarded and again, it works fine and one account upgrade is removed and running it again removes the other. No errors.

I've tried it with all my add-ons enabled. It works fine. I've tried it with all my add-ons disabled. It works fine.

I've done it so many times now It's working fine.

Is there anything common between the way you both have things set up? Similar add-ons?

Doubt it, unless he's bought all my addons and has only them installed. lol.

I'm on XenForo 1.2.0, haven't run the upgrade yet. Doubt it's something that was changed in 1.2.1 though.

 

[Chris D]

Hmm, could be though.

I'm on 1.2.1.

@Arty?

 

[tenants]

@Arty
@Daniel Hood

Are you testing with the superadmin (id =1)... or testing with xf 1.2.0

@Chris Deeming are you not testing with the super admin or using XF 1.2.1

I've seen this warning "You do not have permission to view this page or perform this action." in strange places, but I've only ever seen it in these strange places on a 1.2.0 forum with the superadmin account

- That could be useful information, or completely unrelated (I've not looked into it properly)

 

[Daniel Hood]

I was on the super admin account yes.

 

[Chris D]

I should have added, I tested it twice. Both on 1.2.1. Once with my super admin account and once as a normal user. Both worked fine.

When you get the error, from what @Arty said, the address in the address bar of your browser is account/upgrades, correct? So effectively the redirect has taken place at that point ... and also it seems as though the downgrade executed.

If you then refresh the page, do you get properly redirected without error? How do you proceed to get back to the account upgrades page without the error?

 

[Daniel Hood]

I just refresh the page I'm currently on.

 

[Chris D]

OK. Here's something cool.

I just remembered my online dev site is still running 1.2.0.

I now get the error. But only on account user_id = 1 who is Admin, Super Admin etc.

Furthermore, if I straight away click the Forum tab after seeing the error then THAT throws a no permission error too.

This suggests to me some sort of rebuild probably relating to the usergroup changes function.

Maybe something fixed in 1.2.1 because I still can't replicate it locally.