1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cannot Reproduce Usergroup Permission Quirk

Discussion in 'Resolved Bug Reports' started by Ghan_04, Feb 1, 2012.

  1. Ghan_04

    Ghan_04 Active Member

    This is something I have encountered twice now, and I'm not sure what the cause is. A user is a member of two groups, Registered and the Moderating group. This user is a super moderator and added as such in the admin panel.
    The problem is that the user at some point was unable to even view the forums. He could not do anything whatsoever - it was as if only the permissions from the Moderating group were in effect (we have the basic permissions like View Node set to No (not never) for this group so that kind of thing can be inherited from Registered). I have no idea why the permissions do not resolve correctly. In playing around with it, it seems the problem was "fixed" by adding the View Node permission to the Moderating group and then removing it again.

    So my only thought at this point is that it is something to do with permission caching. How exactly do permissions get cached? Could that be the cause? Is there a way to flush the permission cache safely? Is there anything more I can do to investigate this, given that I cannot reproduce it?

  2. Mike

    Mike XenForo Developer Staff Member

    Well, if flipping a permission fixes it, then that does sound like a permission cache thing. However, it's not something I've ever been seen. Unfortunately, I would have to be able to produce it ("at will") to be able to fix it. There's a lot going on.

    If you can't reproduce it either, then there's not a lot we can do.
  3. Ghan_04

    Ghan_04 Active Member

    If it happens again, is there anything I can look at that would help track down the issue?
  4. Mike

    Mike XenForo Developer Staff Member

    Well I really need to be able to reproduce it actually happening - I suppose seeing some data in the DB would be helpful, but I won't really know why that happened.

    So if it can't be reproduced consistently, the only thing you really could do is back up the xf_permission* tables and the xf_user table before you fix it. That might give me a bit of insight.
  5. Ghan_04

    Ghan_04 Active Member

    Right now I am having this issue:

    Registered group has a permission set to Allow.
    Parent node has same permission set to Revoke for Registered.
    Child node has same permission set to Allow for a secondary group.

    A user who belongs to Registered and the other secondary group is denied the permission in the child node. Unless I misunderstand something about how permissions work, this should not be the case. I cannot resolve this - I've tried changing stuff around and back to no avail.
  6. Mike

    Mike XenForo Developer Staff Member

    That's correct - you have to be able to see the path to a node to access a node.
    Ghan_04 likes this.
  7. Ghan_04

    Ghan_04 Active Member

    The permission in question is "Can Edit Post by Self" - the user is able to view all the nodes.
    This EXACT same permission scheme is working as I intend for the "Can Post New Threads" permission - I'm just having trouble with editing and deleting own posts.

    Here's some more info. If, on the parent node, I return the "Revoke" permissions to "Inherit", everything unlocks and I can edit, etc.
    If I then return only the "Post New Threads" to Revoke, that permissions works as expected.
    However, if I set it so that "Edit Post by Self" is Inherit while "Delete Post by Self" is Revoke, then I still have the Edit and Delete buttons available on a given post.
    It is only when I add the "Delete Post by Self" does everything seem to come crashing down on me.
  8. Mike

    Mike XenForo Developer Staff Member

    Well, if you can reproduce it consistently, submit a ticket with admin CP access details, FTP access details, and the name of a user I should be using "test permissions" with. I will hopefully be able to get to the bottom of it.
  9. Mike

    Mike XenForo Developer Staff Member

    For reference:


Share This Page