View Issue Details

This bug affects 1 person(s).
 4
IDProjectCategoryView StatusLast Update
17454Bug reportsOtherpublic2021-07-22 12:50
Reporteralorenc Assigned Togalads  
PrioritynoneSeverityminor 
Status confirmedResolutionopen 
Product Version3.25.19 
Summary17454: Unable to remove a user with survey permissions with friendly url enabled
DescriptionUnable to remove user in domain from "Survey permissions" list if friendly URL is enabled.
Steps To ReproduceDescription:
- add a new user in "Manage survey administrators", username: "DOMAIN\username" (without assigning permissions)
- go to the poll in "Survey permissions", add the user to the list, save with an empty list of permissions
- click the delete icon next to the added user
- displays the message: "Deleting user Username: DOMAIN Success!" (dont backslash and username are missing here)
URL: https://limesurvey.test/admin/surveypermission/sa/delete/surveyid/333457/action/delsurveysecurity/user/DOMAIN%5Cusername/uid/6
- after clicking ok, it moves to the list of users where our "DOMAIN\username" is still visible because it has not been deleted.

After disabling the friendly url:
- again delete user "DOMAIN\username"
"Deleting user User name: DOMAIN\username Success! (displays correctly)
URL: https: //limesurvey.test/index.php?r=admin/surveypermission/sa/delete/surveyid/333457&action=delsurveysecurity&user=DOMAIN%5Cusername&uid=6
- after clicking ok, it takes us to the list of users, where there is no deleted user
Additional InformationProject configuration:
- "WebServer" plugin enabled
- "Delete part of domain ..." option unchecked, ie we want to save users as DOMAIN \ username
- in the configuration file we turned on the "auth_webserver_autocreate_user" option to automatically add them
- in the configuration file we additionally changed the options for "urlManager", we set "urlFormat = path", "showScriptName = false" and "caseSensitive = true".
- in IIS we use the Rewrite mod
- in the web.config file we also have redirect rules set to cut the "php" extension - we'll join it later if needed.


If "friendly url" is disabled at the configuration file level, ie changing urlManager options to default, everything works fine.
TagsNo tags attached.
Bug heat4
Complete LimeSurvey version number (& build)v3.27.7+210713
I will donate to the project if issue is resolvedNo
BrowserChrome v91.0.4472.124
Database & DB-VersionMYSQL v15
Server OS (if known)
Webserver software & version (if known)
PHP Versionv7.4.15 NTS x64

Activities

DenisChenu

DenisChenu

2021-07-16 16:06

developer   ~65479

Username with \ (and maybe /) .

Yep !
DenisChenu

DenisChenu

2021-07-16 16:14

developer   ~65481

Yes :)

I mean url construction is bad , even with PATH : it must be

admin/surveypermission/sa/delete/surveyid/333457/action/delsurveysecurity&user=DOMAIN%5Cusername&uid=6
DenisChenu

DenisChenu

2021-07-16 16:15

developer   ~65482

> - in IIS we use the Rewrite mod

How do you do this ? Can you put some detail ot our manual ?
https://manual.limesurvey.org/General_FAQ#With_nginx_webserver

Create a https://manual.limesurvey.org/General_FAQ#With_IIS_webserver
alorenc

alorenc

2021-07-19 08:26

reporter   ~65498

That's what I thought, wouldn't it be better if this mechanism passed the user id instead of the username in the user parameter?
alorenc

alorenc

2021-07-19 08:28

reporter   ~65499

Sorry, I didn't notice that the link has a uid, so why is the user parameter additionally passed?
DenisChenu

DenisChenu

2021-07-19 08:32

developer   ~65500

I don't know : must be tested without the name.

There are currently another commit about deletion of user @gabrieljenik : you can check ?

Issue History

Date Modified Username Field Change
2021-07-16 15:59 alorenc New Issue
2021-07-16 16:06 DenisChenu Note Added: 65479
2021-07-16 16:06 DenisChenu Bug heat 0 => 2
2021-07-16 16:12 alorenc Bug heat 2 => 4
2021-07-16 16:14 DenisChenu Note Added: 65481
2021-07-16 16:15 DenisChenu Note Added: 65482
2021-07-19 08:26 alorenc Note Added: 65498
2021-07-19 08:26 galads Assigned To => galads
2021-07-19 08:26 galads Status new => testing
2021-07-19 08:28 alorenc Note Added: 65499
2021-07-19 08:32 DenisChenu Note Added: 65500
2021-07-22 12:50 galads Status testing => confirmed