Buy Hosting

[RESOLVED] Users cannot post, You do not have enough privs

Solved Technical Support
  • shatS

    As an administrator (only admin) I am able to post to my categories no problem. I only have administrators and registered-users in the ACP; however I have a verified test user and I am attempting to post and receive the "Error - You do not have enough privileges for this action." dialog whenever I try to create a topic that I know has read/write for registered-users, or reply.

    I have double, triple checked the perms. The following is the output of what redis-cli commands I could find to try and troubleshoot.

    Do I have duplicate groups within redis and need to clean them up some how?

    root@forum:~# redis-cli
127.0.0.1:6379> hgetall groupslug:groupname
 1) "cid-1-privileges-groups-find"
 2) "cid:1:privileges:groups:find"
 3) "cid-1-privileges-groups-read"
 4) "cid:1:privileges:groups:read"
 5) "cid-1-privileges-groups-topics-create"
 6) "cid:1:privileges:groups:topics:create"
 7) "cid-1-privileges-groups-topics-reply"
 8) "cid:1:privileges:groups:topics:reply"
 9) "cid-2-privileges-groups-find"
10) "cid:2:privileges:groups:find"
11) "cid-2-privileges-groups-read"
12) "cid:2:privileges:groups:read"
13) "cid-2-privileges-groups-topics-create"
14) "cid:2:privileges:groups:topics:create"
15) "cid-2-privileges-groups-topics-reply"
16) "cid:2:privileges:groups:topics:reply"
17) "cid-3-privileges-groups-find"
18) "cid:3:privileges:groups:find"
19) "cid-3-privileges-groups-read"
20) "cid:3:privileges:groups:read"
21) "cid-3-privileges-groups-topics-create"
22) "cid:3:privileges:groups:topics:create"
23) "cid-3-privileges-groups-topics-reply"
24) "cid:3:privileges:groups:topics:reply"
25) "cid-4-privileges-groups-find"
26) "cid:4:privileges:groups:find"
27) "cid-4-privileges-groups-read"
28) "cid:4:privileges:groups:read"
29) "cid-4-privileges-groups-topics-create"
30) "cid:4:privileges:groups:topics:create"
31) "cid-4-privileges-groups-topics-reply"
32) "cid:4:privileges:groups:topics:reply"
33) "registered-users"
34) "registered-users"
35) "administrators"
36) "administrators"
37) "cid-5-privileges-groups-find"
38) "cid:5:privileges:groups:find"
39) "cid-5-privileges-groups-read"
40) "cid:5:privileges:groups:read"
41) "cid-5-privileges-groups-topics-create"
42) "cid:5:privileges:groups:topics:create"
43) "cid-5-privileges-groups-topics-reply"
44) "cid:5:privileges:groups:topics:reply"
127.0.0.1:6379> hgetall groups:administrators
(empty list or set)
127.0.0.1:6379> smembers groups
(empty list or set)
127.0.0.1:6379> zrange groups:createtime 0 -1
 1) "cid:1:privileges:groups:find"
 2) "cid:1:privileges:groups:read"
 3) "cid:1:privileges:groups:topics:create"
 4) "cid:1:privileges:groups:topics:reply"
 5) "cid:2:privileges:groups:find"
 6) "cid:2:privileges:groups:read"
 7) "cid:2:privileges:groups:topics:create"
 8) "cid:2:privileges:groups:topics:reply"
 9) "cid:3:privileges:groups:find"
10) "cid:3:privileges:groups:read"
11) "cid:3:privileges:groups:topics:create"
12) "cid:3:privileges:groups:topics:reply"
13) "cid:4:privileges:groups:find"
14) "cid:4:privileges:groups:read"
15) "cid:4:privileges:groups:topics:create"
16) "cid:4:privileges:groups:topics:reply"
17) "registered-users"
18) "administrators"
19) "cid:5:privileges:groups:find"
20) "cid:5:privileges:groups:read"
21) "cid:5:privileges:groups:topics:create"
22) "cid:5:privileges:groups:topics:reply"
    0
  • barisB

    Get the category id and then run the following query to see if registered-users group is in there.

    zrange group:cid:<cid>:privileges:groups:topics:reply:members 0 -1
    0
  • shatS

    @baris said:

    zrange group:cid:<cid>:privileges:groups:topics:reply:members 0 -1

    I have verified that the registered-users group is in fact added to every category, which matches what I see in the ACP:

    root@forum:~# redis-cli
127.0.0.1:6379> zrange group:cid:1:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:2:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:3:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:4:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:5:privileges:groups:topics:reply:members 0 -1
1) "administrators"
2) "registered-users"
    0
  • barisB

    What about topics:create is that set as well?

    0
  • shatS

    Yes, it is set as well:

    root@forum:~# redis-cli
127.0.0.1:6379> zrange group:cid:1:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:2:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:3:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:4:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
127.0.0.1:6379> zrange group:cid:5:privileges:groups:topics:create:members 0 -1
1) "administrators"
2) "registered-users"
    0
  • barisB

    Do registered-users see the New Topic button when they go in a category? And only get the error when they try to submit?

    We hide the new topic button if they don't have privileges to post I think.

    0
  • shatS

    I am logged in as a test user, which is a registered-users user and validated via email. I can see the "New Topic" button as well as the reply. I get the error when I try to post a reply and I also see it, now that I explored a bit more; when I go back (cmd left arrow on mac) to the previous page/category parent from an individual post.

    0
  • barisB

    Is your forum public? Post a link if you can. What git revision are you on?

    0
  • shatS

    It is publicly accessible, but not public, so I will send you a message with a link to it...

    nodebb@forum:~/nodebb$ git branch
  v0.8.x
* v0.9.x
nodebb@forum:~/nodebb$ git status
On branch v0.9.x
Your branch is up-to-date with 'origin/v0.9.x'.

nothing to commit, working directory clean
    0
  • shatS

    Resolved after talking to baris. I have the mailgun emailer plugin, and also had the db_search and MFA plugin. Disabled db_search and MFA and permissions are working as expected.

    If you experience this, try disabling/uninstalling plugins.

    0
  • BriB

    MFA plugin I can see possibly doing that, but db search? 😕

    Care to explain what happened?

    0
  • shatS

    @BDHarrington7 going to reinstall search and see if everything is working. I ended up removing all but mailgun and now going to see about enabling one by one to identify the culprit.

    0

Suggested Topics

Copyright © 2023 NodeBB | Contributors