20042: list_users command returns wrong permissions (roles permissions are not taken into account).

This bug affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

20042	Bug reports	RemoteControl	public	2025-04-02 09:37	2025-07-18 23:01

Reporter	SESSOU	Assigned To	gabrieljenik
Priority	none	Severity	minor
Status	assigned	Resolution	open
Product Version	6.6.x

Summary	20042: list_users command returns wrong permissions (roles permissions are not taken into account).
Description	Using list_users remote control command returns wrong informations about permissions (roles permissions are not taken into account).
Steps To Reproduce	1- Create a 'Limited User' role, whose only 2 permissions are LDAP authentication (auth_ldap) and read permission on all questionnaires (surveys). 2- Create a local user account with the username 'test'. When selecting the initial permissions, press the cancel button (the only permission activated by default in the database is then auth_db). 3- Associate the 'Limited User' role to the 'test' user 4- Check the permissions associated with the user, via the administration web interface (see screenshot). All is OK here (see screen capture attached) 5- Execute list_users command from php (CLI mode) : $response=$lsJSONRPCClient->list_users($sessionKey,null,'test'); 6- The permissions returned are not correct. Only the initial permissions have been taken into account and not the role permissions Part of the permissions returned by the current list_users command : ... [permissions] => Array ( [0] => Array ( [entity] => global [permission] => auth_db [read_p] => 1 ... ) ) Part of the permissions expected (taking into account the role permissions) : [permissions] => Array ( [0] => Array ( [entity] => global [permission] => auth_ldap [read_p] => 1 ... ) [1] => Array ( [entity] => global [permission] => surveys [read_p] => 1 ... ) ) Conclusion : the role(s) permissions are not take into account !!!
Tags	No tags attached.
Attached Files	Capture d’écran 2025-04-01 à 11.38.18.png (311,957 bytes)

Bug heat	4
Complete LimeSurvey version number (& build)	6.12.3+250331
I will donate to the project if issue is resolved	No
Browser	Not relevant
Database type & version	Postgresql 15.12
Server OS (if known)	Debian 12
Webserver software & version (if known)	Apache 2.4.62
PHP Version	PHP 8.2

User List	chimp358

gabrieljenik 2025-07-18 23:01 manager ~83109	Only the initial permissions have been taken into account and not the role permissions The permissions returned by the RC match the ones in the screenshot? Are the role permissions taken into account in the screenshot attached? From what you say, I believe the problem: Is not about the current permissions being wrong. They match with the screenshot. Is about the role permissions not being sent by the RC. Look forward to your comments.

Date Modified	Username	Field	Change
2025-04-02 09:37	SESSOU	New Issue
2025-04-02 09:37	SESSOU	File Added: Capture d’écran 2025-04-01 à 11.38.18.png
2025-05-14 18:23	chimp358	Issue Monitored: chimp358
2025-05-14 18:23	chimp358	Bug heat	0 => 2
2025-07-16 15:48	tibor.pacalat	Assigned To	=> gabrieljenik
2025-07-16 15:48	tibor.pacalat	Status	new => assigned
2025-07-18 23:01	gabrieljenik	Note Added: 83109
2025-07-18 23:01	gabrieljenik	Bug heat	2 => 4

View Issue Details

Users monitoring this issue

Activities

Issue History