XF 2.2 Strange problem with permissions

[AndrewSimm]

I have an addon that for some reason seems to only restrict access to Admins or Moderators despite setting permission for all user groups.

Here is a var_dump from guests that shows permissions to be true.


Here is my class extension


Here is my extended user entity
<?php namespace Andrew\BannedUsersList\XF\Entity; class User extends XFCP_User { public function canViewBannedUsersList(&$error = null) { $visitor = \XF::visitor(); return ($visitor->hasPermission('andrew_banneduserslist', 'canViewBannedUsersList')); } public function canViewBannedBy(&$error = null) { $visitor = \XF::visitor(); return ($visitor->hasPermission('andrew_banneduserslist', 'canViewBannedBy')); } }

Here is the start of my controller
public function actionIndex() { $visitor = \XF::visitor(); if(!$visitor->canViewBannedUsersList()) { return $this->noPermission(); } blah blah blah

 

[Lawrence]

What does the analyse permissions show for a regular member (any member)?

 

[AndrewSimm]

Analyzed user "Hat" and got the follow, yet when I log into "Hat" I get no permission.

 

[Lawrence]

I don't see anything wrong with your permission check. Only thing I can think of is it a global permission set? You may just want to try changing this:

    public function canViewBannedUsersList(&$error = null)
    {
        $visitor = \XF::visitor();

        return ($visitor->hasPermission('andrew_banneduserslist', 'canViewBannedUsersList'));
    }

to this?

    public function canViewBannedUsersList(&$error = null)
    {
         return $this->hasPermission('andrew_banneduserslist', 'canViewBannedUsersList');
    }

Edit: just thinking that maybe the analyse permission is not as stringent as doing just the check for a visitor, just one thing to eliminate.

 

[AndrewSimm]

I don't see anything wrong with your permission check. Only thing I can think of is it a global permission set? You may just want to try changing this:

    public function canViewBannedUsersList(&$error = null)
    {
        $visitor = \XF::visitor();

        return ($visitor->hasPermission('andrew_banneduserslist', 'canViewBannedUsersList'));
    }

to this?

    public function canViewBannedUsersList(&$error = null)
    {
         return $this->hasPermission('andrew_banneduserslist', 'canViewBannedUsersList');
    }

Edit: just thinking that maybe the analyse permission is not as stringent as doing just the check for a visitor, just one thing to eliminate.

I tried that and still the same thing.

What is odd is that I use the same approach to permissions in all my addons and I only have an issue with this one. I am having the issue on both localhost and my website. No other users of this addon have reported an issue.

 

[Ozzy47]

Have you tried disabling all other addons to see if it’s a conflict somehow?

 

[AndrewSimm]

Have you tried disabling all other addons to see if it’s a conflict somehow?

Ahh, you got it!

The issue was that I have another addon (Moderator Panel) that also has a banned users list. Both functions in the user entity were called the same thing. I am going to change the name of the one in Moderator Panel since that addon is unreleased.

Thank you sir!

 

[Ozzy47]

Glad you got it figured out.

 

[Lawrence]

I'm curious as to why the permission analyser didn't pick up on the conflict,