Community

[RESOLVED] Users cannot post, You do not have enough privs

Solved Technical Support
  • shatS

    As an administrator (only admin) I am able to post to my categories no problem. I only have administrators and registered-users in the ACP; however I have a verified test user and I am attempting to post and receive the "Error - You do not have enough privileges for this action." dialog whenever I try to create a topic that I know has read/write for registered-users, or reply.

    I have double, triple checked the perms. The following is the output of what redis-cli commands I could find to try and troubleshoot.

    Do I have duplicate groups within redis and need to clean them up some how?

    [email protected]:~# redis-cli
127.0.0.1:6379> hgetall groupslug:groupname
 1) "cid-1-privileges-groups-find"
 2) "cid:1:privileges:groups:find"
 3) "cid-1-privileges-groups-read"
 4) "cid:1:privileges:groups:read"
 5) "cid-1-privileges-groups-topics-create"
 6) "cid:1:privileges:groups:topics:create"
 7) "cid-1-privileges-groups-topics-reply"
 8) "cid:1:privileges:groups:topics:reply"
 9) "cid-2-privileges-groups-find"
10) "cid:2:privileges:groups:find"
11) "cid-2-privileges-groups-read"
12) "cid:2:privileges:groups:read"
13) "cid-2-privileges-groups-topics-create"
14) "cid:2:privileges:groups:topics:create"
15) "cid-2-privileges-groups-topics-reply"
16) "cid:2:privileges:groups:topics:reply"
17) "cid-3-privileges-groups-find"
18) "cid:3:privileges:groups:find"
19) "cid-3-privileges-groups-read"
20) "cid:3:privileges:groups:read"
21) "cid-3-privileges-groups-topics-create"
22) "cid:3:privileges:groups:topics:create"
23) "cid-3-privileges-groups-topics-reply"
24) "cid:3:privileges:groups:topics:reply"
25) "cid-4-privileges-groups-find"
26) "cid:4:privileges:groups:find"
27) "cid-4-privileges-groups-read"
28) "cid:4:privileges:groups:read"
29) "cid-4-privileges-groups-topics-create"
30) "cid:4:privileges:groups:topics:create"
31) "cid-4-privileges-groups-topics-reply"
32) "cid:4:privileges:groups:topics:reply"
33) "registered-users"
34) "registered-users"
35) "administrators"
36) "administrators"
37) "cid-5-privileges-groups-find"
38) "cid:5:privileges:groups:find"
39) "cid-5-privileges-groups-read"
40) "cid:5:privileges:groups:read"
41) "cid-5-privileges-groups-topics-create"
42) "cid:5:privileges:groups:topics:create"
43) "cid-5-privileges-groups-topics-reply"
44) "cid:5:privileges:groups:topics:reply"
127.0.0.1:6379> hgetall groups:administrators
(empty list or set)
127.0.0.1:6379> smembers groups
(empty list or set)
127.0.0.1:6379> zrange groups:createtime 0 -1
 1) "cid:1:privileges:groups:find"
 2) "cid:1:privileges:groups:read"
 3) "cid:1:privileges:groups:topics:create"
 4) "cid:1:privileges:groups:topics:reply"
 5) "cid:2:privileges:groups:find"
 6) "cid:2:privileges:groups:read"
 7) "cid:2:privileges:groups:topics:create"
 8) "cid:2:privileges:groups:topics:reply"
 9) "cid:3:privileges:groups:find"
10) "cid:3:privileges:groups:read"
11) "cid:3:privileges:groups:topics:create"
12) "cid:3:privileges:groups:topics:reply"
13) "cid:4:privileges:groups:find"
14) "cid:4:privileges:groups:read"
15) "cid:4:privileges:groups:topics:create"
16) "cid:4:privileges:groups:topics:reply"
17) "registered-users"
18) "administrators"
19) "cid:5:privileges:groups:find"
20) "cid:5:privileges:groups:read"
21) "cid:5:privileges:groups:topics:create"
22) "cid:5:privileges:groups:topics:reply"
    0
  • barisB

    Get the category id and then run the following query to see if registered-users group is in there.

    zrange group:cid:<cid>:privileges:groups:topics:reply:members 0 -1
    0
  • shatS

    @baris said:

    zrange group:cid:<cid>:privileges:groups:topics:reply:members 0 -1

    I have verified that the registered-users group is in fact added to every category, which matches what I see in the ACP:

    [email protected]:~# redis-cli
127.0.0.1:6379> zrange group:cid:1:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:2:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:3:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:4:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:5:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
    0
  • barisB

    What about topics:create is that set as well?

    0
  • shatS

    Yes, it is set as well:

    [email protected]:~# redis-cli
127.0.0.1:6379> zrange group:cid:1:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:2:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:3:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:4:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:5:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
    0
  • barisB

    Do registered-users see the New Topic button when they go in a category? And only get the error when they try to submit?

    We hide the new topic button if they don't have privileges to post I think.

    0
  • shatS

    I am logged in as a test user, which is a registered-users user and validated via email. I can see the "New Topic" button as well as the reply. I get the error when I try to post a reply and I also see it, now that I explored a bit more; when I go back (cmd left arrow on mac) to the previous page/category parent from an individual post.

    0
  • barisB

    Is your forum public? Post a link if you can. What git revision are you on?

    0
  • shatS

    It is publicly accessible, but not public, so I will send you a message with a link to it...

    [email protected]:~/nodebb$ git branch
  v0.8.x
* v0.9.x
[email protected]:~/nodebb$ git status
On branch v0.9.x
Your branch is up-to-date with 'origin/v0.9.x'.

nothing to commit, working directory clean
    0
  • shatS

    Resolved after talking to baris. I have the mailgun emailer plugin, and also had the db_search and MFA plugin. Disabled db_search and MFA and permissions are working as expected.

    If you experience this, try disabling/uninstalling plugins.

    0
  • BriB

    MFA plugin I can see possibly doing that, but db search? 😕

    Care to explain what happened?

    shatS 1 Reply
    0
  • shatS

    @BDHarrington7 going to reinstall search and see if everything is working. I ended up removing all but mailgun and now going to see about enabling one by one to identify the culprit.

    0

Suggested Topics

  • phenomlabP

    Expose "Mark this post as the correct answer"

    Unsolved Technical Support
    0 Votes
    8 Posts
    74 Views
    phenomlabP

    @julian thought so 😃 thanks

    Edit - actually, looking at this function, I can't see why it can't be invoked by jQuery?

    function markPostAsAnswer() { var tid = ajaxify.data.tid; var pid = $(this).parents('[data-pid]').attr('data-pid'); socket.emit('plugins.QandA.toggleSolved', { tid: tid, pid: pid }, function (err, data) { if (err) { return alertType('error', err); } alertType('success', data.isSolved ? '[[qanda:post.alert.correct_answer]]' : '[[qanda:thread.alert.unsolved]]'); ajaxify.refresh(); }); }
  • crazycellsC

    max active sessions per user

    Solved Technical Support
    0 Votes
    5 Posts
    212 Views
    julianJ

    @crazycells A forum opened in multiple tabs will use the same session.

    An incognito tab would be a new, separate, session.

    Separate browsers are separate sessions.

  • C

    User Stuck in Registration Queue

    Technical Support
    0 Votes
    8 Posts
    326 Views
    C

    Just a quick follow up on this because I finally got around to sorting it out and in case anyone else is running into the same issue. After a bit of stuffing around I realized there was an issue with the commands, they needed some extra quotation marks (as per @PitaJ 's suggestion):

    zrem registration:queue "Hermina\r\n" zrem registration:queue "Kallie\r\n" del "registration:queue:name:Hermina\r\n" del "registration:queue:name:Kallie\r\n"

    This got everything sorted. Appreciate everyone's help!!

  • P

    MongoDB Create User Erro

    Technical Support
    0 Votes
    11 Posts
    1767 Views
    P

    Now this has happened on both AWS AND DIGITAL OCEAN so I be followed these steps step by step so either I'm stupid and can't follow directions or something's missing that I'm not able to connect with

  • BarryB

    Where are users stored?

    Technical Support
    0 Votes
    2 Posts
    297 Views
    PitaJP

    You created a mongodb database user, not a NodeBB user. Creating NodeBB users is more complicated.

Copyright © 2023 NodeBB | Contributors