View Issue Details

This bug affects 1 person(s).
 8
IDProjectCategoryView StatusLast Update
08373Bug reportsOtherpublic2013-12-19 14:17
ReporterResearchOnBlogs Assigned Toc_schmitz  
PrioritynormalSeverityminor 
Status closedResolutionfixed 
Product Version2.05 RC 
Target Version2.05+Fixed in Version2.05+ 
Summary08373: setting global permission for admin users - causes error
Description

if you try to set the permission for (new) admin users you get an error:

Access denied!

You are not allowed to perform this operation!

Continue

TagsNo tags attached.
Attached Files
Bug heat8
Complete LimeSurvey version number (& build)131105
I will donate to the project if issue is resolvedNo
Browserxx
Database type & versionxx
Server OS (if known)xx
Webserver software & version (if known)xx
PHP Versionxx

Relationships

related to 08399 closedDenisChenu Admin can't edit another admin created user rights 

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2013-11-15 18:51

developer   ~27201

Can not reproduce. More details ...

mfaber

mfaber

2013-11-16 00:48

reporter   ~27209

tried but cannot reproduce

ResearchOnBlogs

ResearchOnBlogs

2013-11-17 13:50

developer   ~27214

I make one more test. Do you see the the little "Take ownership" icon? In this case you get this error.

The question is, if this error is useful in this case (if yes,this error should not to be shown on a white screen - instead in a error modal or in the message area )?

Why must a admin user have a parent? (in my case it's created by a script) Of cause I could use a given user as parent in the script...

DenisChenu

DenisChenu

2013-11-17 19:22

developer   ~27216

You create the user with a super admin ? And connect with another admin ?

Can you tell the rigth of each user ?

ResearchOnBlogs

ResearchOnBlogs

2013-11-18 10:10

developer   ~27217

No, I created this user by a script, without giving a parent User ID.
No connection with another.
Rights - no rights.

What I did:

  1. created a user via script/plugin (without parent user ID)
  2. try to set perms manually - error message

To solve this, I COULD use a parent super admin - of cause! But must I? It's a architecture question, I think and a question how other cases will be solved (error handling/ error messaging)!

In this context I found an other case/bug:

  1. created a user via script/plugin (without parent user ID)
  2. try to "take ownership" manually - nothing happens

The question is, if it's useful to set up a guideline which says: "In any case you have to use a parent UserID if you create a new user via a script" or to fit the malfunctions.

DenisChenu

DenisChenu

2013-11-18 10:33

developer   ~27218

Last edited: 2013-11-18 10:34

Hi,
1st : if a user have no 'user rigth' access: return a real error and not a die
2nd : if a user have no 'user rigth' access: don't show button
3rd : Allow 'take owner ship' and see what we get here (depending of rigths)

EDIT : what is the user when you are connected : super admin ? If yes : super admin have to have rigth here.

c_schmitz

c_schmitz

2013-11-21 11:42

administrator   ~27285

Yes, you need to have a parent user, otherwise it won't work.
How do you create the new user in the script?

DenisChenu

DenisChenu

2013-11-21 18:08

developer   ~27300

Last edited: 2013-11-21 18:09

c_schmitz : a super admin user can set rigth even if there are no parent user, no ?
Maybe : no parent : only super admin have rigth to do something ?

ResearchOnBlogs

ResearchOnBlogs

2013-11-22 12:20

developer   ~27316

Hi, I used this for user creation:

$parent_id = 02; // NOW, this id is from a superadmin
$new_user = $adminuser = $response['username'];
$new_email = $email = $response['email'];
$name = $response['comp_name'] . ' ' . $response['comp_contact1_2'] . ' ' . $response['comp_contact1_1'];
$new_pass = $password = createPassword();
$iNewUID = User::model()
->insertUser($adminuser, $password, $name, $parent_id, $email);

The question is a more general question, how to handle errors and about documentation (example you need in every case a parent user...)

c_schmitz

c_schmitz

2013-11-22 13:35

administrator   ~27318

I am wondering - in my database it is not possible to insert an entry without parent_id? At least the parent_id needs to be 0.

DenisChenu

DenisChenu

2013-11-22 13:41

developer   ~27320

Cartsen : see my comment on:
http://bugs.limesurvey.org/plugin.php?page=Source/view&id=13487

In 2.00 : only initial super admin can set/unset super admin rigth : and in 2.05 ?

We search superadmin by parent_id==0, maybe must be:
parent_id==0 AND ({{permissions}}.permission==superadmin ) (or uid==1 if OK )

c_schmitz

c_schmitz

2013-11-27 16:28

administrator   ~27438

All admins should have a parent_id - so all users are childs of the ID 1 superadmin (which is the only one to have a parent_id 0).
Let's just agree on that and we can close this ;).

c_schmitz

c_schmitz

2013-11-27 17:02

administrator   ~27439

Last edited: 2013-11-27 17:02

Note: Fix this so that only superadmin with ID 1 can create superadmins.

c_schmitz

c_schmitz

2013-12-18 16:18

administrator   ~27610

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=13597

c_schmitz

c_schmitz

2013-12-19 14:17

administrator   ~27657

2.05+ Build 131219 released

Related Changesets

LimeSurvey: master cbfb3b0f

2013-12-18 15:18:41

c_schmitz

Details Diff
Fixed issue 08373: Any superadmins can create more superadmins Affected Issues
08373
mod - application/controllers/admin/useraction.php Diff File
mod - application/models/Permission.php Diff File
mod - application/models/User.php Diff File

Issue History

Date Modified Username Field Change
2013-11-15 16:34 ResearchOnBlogs New Issue
2013-11-15 16:34 ResearchOnBlogs File Added: Bildschirmfoto 2013-11-15 um 16.33.40.png
2013-11-15 18:51 DenisChenu Note Added: 27201
2013-11-16 00:48 mfaber Note Added: 27209
2013-11-17 13:50 ResearchOnBlogs Note Added: 27214
2013-11-17 19:22 DenisChenu Note Added: 27216
2013-11-18 10:10 ResearchOnBlogs Note Added: 27217
2013-11-18 10:33 DenisChenu Note Added: 27218
2013-11-18 10:34 DenisChenu Note Edited: 27218
2013-11-21 11:42 c_schmitz Note Added: 27285
2013-11-21 11:42 c_schmitz Assigned To => c_schmitz
2013-11-21 11:42 c_schmitz Status new => feedback
2013-11-21 18:08 DenisChenu Note Added: 27300
2013-11-21 18:09 DenisChenu Note Edited: 27300
2013-11-22 11:28 c_schmitz Target Version => 2.05+
2013-11-22 12:03 DenisChenu Relationship added related to 08399
2013-11-22 12:20 ResearchOnBlogs Note Added: 27316
2013-11-22 12:20 ResearchOnBlogs Status feedback => assigned
2013-11-22 13:35 c_schmitz Note Added: 27318
2013-11-22 13:37 c_schmitz Status assigned => feedback
2013-11-22 13:41 DenisChenu Note Added: 27320
2013-11-27 16:28 c_schmitz Note Added: 27438
2013-11-27 17:02 c_schmitz Note Added: 27439
2013-11-27 17:02 c_schmitz Note Edited: 27439
2013-12-18 16:18 c_schmitz Changeset attached => LimeSurvey master cbfb3b0f
2013-12-18 16:18 c_schmitz Note Added: 27610
2013-12-18 16:18 c_schmitz Resolution open => fixed
2013-12-18 16:20 c_schmitz Status feedback => resolved
2013-12-18 16:20 c_schmitz Fixed in Version => 2.05+
2013-12-19 14:17 c_schmitz Note Added: 27657
2013-12-19 14:17 c_schmitz Status resolved => closed