New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

All your rights have been revoked. Please contact the manager for your organization #110

Closed
eLvErDe opened this Issue Jul 12, 2018 · 22 comments

Comments

4 participants
@eLvErDe

eLvErDe commented Jul 12, 2018

Hello,

It used to work but stopped sudently.

In the database "monarc_cli" my super-admin (and only used) user has id 1.
Roles tables looks like this:

+----+---------+--------------+-------------+---------------------+
| id | user_id | role         | creator     | created_at          |
+----+---------+--------------+-------------+---------------------+
|  9 |       1 | superadminfo | Admin Admin | 2018-05-17 17:26:55 |
| 10 |       1 | userfo       | Admin Admin | 2018-05-17 17:26:55 |
| 13 |       2 | superadminfo | Mcom Info   | 2018-07-06 13:59:20 |
+----+---------+--------------+-------------+---------------------+

Thanks in advance,

Adam

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 12, 2018

Weird. Especially the fact the the ids are starting at 9. Do you have already changed roles and/or deleted users?
Did you check the table 'users'?

You can also create a new admin with the command:

php ./vendor/robmorgan/phinx/bin/phinx seed:run -c ./module/MonarcFO/migrations/phinx.php

it will create a user with the login admin@admin.test and the password admin.

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 12, 2018

Also, you can launch an update of MONARC:

$ ./scripts/update-all.sh
$ rm -Rf data/cache/
@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 12, 2018

Hello,

Just did and the same error messages occurs with admin@admin.test

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 12, 2018

Which version of MONARC are you using?
Can you also please tell us what are the last entries in the phinx_log table of monarc_cli database ?

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 12, 2018

Latest version pulled by update script. SQL extract will be there tomorrow morning.
Thanks for your assistance

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 13, 2018

I just installed a 2.4.0 and upgraded to 2.5.0. Here is what I get in the tables, especially for the logs of phinx:

MariaDB [monarc_cli]> SELECT * FROM users;
+----+------------+----------+--------+-----------+----------+-----------------+--------------------------------------------------------------+----------+---------+---------------------+-------------+---------------------+----------------+
| id | date_start | date_end | status | firstname | lastname | email           | password                                                     | language | creator | created_at          | updater     | updated_at          | current_anr_id |
+----+------------+----------+--------+-----------+----------+-----------------+--------------------------------------------------------------+----------+---------+---------------------+-------------+---------------------+----------------+
|  1 | NULL       | NULL     |      1 | Admin     | Admin    | admin@admin.com | $2y$10$5NBGalyf3Pg1AiJPske6befU5MHlzaw0O3dE.KZioTYtmfabGz5PW |        1 | System  | 2018-05-30 09:43:54 | Admin Admin | 2018-07-13 10:07:38 |              1 |
+----+------------+----------+--------+-----------+----------+-----------------+--------------------------------------------------------------+----------+---------+---------------------+-------------+---------------------+----------------+
1 row in set (0.00 sec)

MariaDB [monarc_cli]> SELECT * FROM users_roles;
+----+---------+--------------+---------+---------------------+
| id | user_id | role         | creator | created_at          |
+----+---------+--------------+---------+---------------------+
|  1 |       1 | superadminfo | System  | 2018-05-30 09:43:54 |
|  2 |       1 | userfo       | System  | 2018-05-30 09:43:54 |
+----+---------+--------------+---------+---------------------+
2 rows in set (0.00 sec)

MariaDB [monarc_cli]> SELECT * FROM phinxlog;
+----------------+--------------------------------------------+---------------------+---------------------+
| version        | migration_name                             | start_time          | end_time            |
+----------------+--------------------------------------------+---------------------+---------------------+
| 20160513144442 | InitialDb                                  | 2018-05-30 09:33:32 | 2018-05-30 09:33:36 |
| 20161116145527 | RemoveLabelFields                          | 2018-05-30 09:33:36 | 2018-05-30 09:33:36 |
| 20161118142221 | AddRwdUsersAnrs                            | 2018-05-30 09:33:36 | 2018-05-30 09:33:36 |
| 20161118152334 | AddCreatorUsersAnrs                        | 2018-05-30 09:33:36 | 2018-05-30 09:33:37 |
| 20161124105117 | DefaultModeGeneric                         | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161125130428 | AnrAddModelId                              | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161129110011 | AddQuestionsTables                         | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161129145501 | InterviewsDate                             | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161130144341 | DeleteSnapshot                             | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161201140911 | ResponsesQuestions                         | 2018-05-30 09:33:37 | 2018-05-30 09:33:37 |
| 20161202133452 | Recommandations                            | 2018-05-30 09:33:37 | 2018-05-30 09:33:38 |
| 20161209151428 | ObjectRemoveModel                          | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161213134211 | RecommandationsHisto                       | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161213134223 | AnrRemoveSnapshotIds                       | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161215093042 | RecommandationsHistoModifications          | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161217021437 | AddScalesUpdatableAnr                      | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161217172837 | AddUserCurrentAnrId                        | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161219105117 | RecommandationsHistoDelete                 | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161219111637 | UserCurrentAnrIdDelete                     | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161219112517 | DeleteUser                                 | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161222092728 | AnrUpdateSeuils                            | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20161227114041 | InstancesRisksOp                           | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20170102105756 | RemoveServerIdFromClientsTable             | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20170106105028 | InstancesUpdatePositions                   | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20170111131545 | QuestionAddMode                            | 2018-05-30 09:33:38 | 2018-05-30 09:33:38 |
| 20170113132351 | InstanceRisksOpForeignKeys                 | 2018-05-30 09:33:38 | 2018-05-30 09:33:39 |
| 20170113161631 | DeliveriesVersion                          | 2018-05-30 09:33:39 | 2018-05-30 09:33:39 |
| 20170126132609 | RecommandationsRebuildPositions            | 2018-05-30 09:33:39 | 2018-05-30 09:33:39 |
| 20170223160719 | RemoveThreatsUnusedCols                    | 2018-05-30 09:33:39 | 2018-05-30 09:33:39 |
| 20170223163433 | UpdateScalesLabelPersonalEn                | 2018-05-30 09:33:39 | 2018-05-30 09:33:39 |
| 20170421160033 | UpdateTrendFieldDefault                    | 2018-05-30 09:33:39 | 2018-05-30 09:33:39 |
| 20170613110001 | UpdateThreatSizeField                      | 2018-05-30 09:33:39 | 2018-05-30 09:33:40 |
| 20170809073537 | RemoveCategoriesColumnFromOperationalRisks | 2018-05-30 09:33:40 | 2018-05-30 09:33:40 |
| 20171117115809 | RemoveUselessInformationinClientTable      | 2018-05-30 09:33:40 | 2018-05-30 09:33:40 |
| 20180322092327 | AddTableDeliveriesModels                   | 2018-05-30 09:33:40 | 2018-05-30 09:33:40 |
| 20180426205649 | UseDefaultTemplateFolderOnFo               | 2018-05-30 09:33:40 | 2018-05-30 09:33:40 |
| 20180531082340 | RemovePhoneNumberFromUsersTable            | 2018-07-13 08:06:25 | 2018-07-13 08:06:25 |
| 20180607081807 | ValidateRecForRiskOp                       | 2018-07-13 08:06:25 | 2018-07-13 08:06:26 |
| 20180608121012 | OperationalRisksAreNotUpdated              | 2018-07-13 08:06:26 | 2018-07-13 08:06:26 |
+----------------+--------------------------------------------+---------------------+---------------------+
39 rows in set (0.00 sec)

During the update did you had problems with composer due to the GitHub token?

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 13, 2018

Hello,

I had some token issue but I created one and it didn't complain anymore.

Here are mine:

+----+------------+----------+--------+-------------+----------+------------------------------------+--------------------------------------------------------------+----------+-----------+---------------------+-----------+---------------------+----------------+
| id | date_start | date_end | status | firstname   | lastname | email                              | password                                                     | language | creator   | created_at          | updater   | updated_at          | current_anr_id |
+----+------------+----------+--------+-------------+----------+------------------------------------+--------------------------------------------------------------+----------+-----------+---------------------+-----------+---------------------+----------------+
|  1 | NULL       | NULL     |      1 | Mcom        | Info     | mcom-info@domain1              | $2y$10$[...] |        1 | System    | 2018-04-27 13:40:50 | Mcom Info | 2018-07-06 14:35:33 |              2 |
|  2 | NULL       | NULL     |      0 | Jean-Didier | Name    | jean-didier.name@domain2 | NULL                                                         |        1 | Mcom Info | 2018-07-06 13:54:51 | Mcom Info | 2018-07-06 13:59:20 |           NULL |
|  3 | NULL       | NULL     |      1 | Admin       | Admin    | admin@admin.test                   | $2y$10$ |        1 | System    | 2018-07-12 14:30:38 | NULL      | NULL                |           NULL |
+----+------------+----------+--------+-------------+----------+------------------------------------+--------------------------------------------------------------+----------+-----------+---------------------+-----------+---------------------+----------------+
+----+---------+--------------+-------------+---------------------+
| id | user_id | role         | creator     | created_at          |
+----+---------+--------------+-------------+---------------------+
|  9 |       1 | superadminfo | Admin Admin | 2018-05-17 17:26:55 |
| 10 |       1 | userfo       | Admin Admin | 2018-05-17 17:26:55 |
| 13 |       2 | superadminfo | Mcom Info   | 2018-07-06 13:59:20 |
| 14 |       3 | superadminfo | System      | 2018-07-12 14:30:38 |
| 15 |       3 | userfo       | System      | 2018-07-12 14:30:38 |
+----+---------+--------------+-------------+---------------------+
+----------------+--------------------------------------------+---------------------+---------------------+
| version        | migration_name                             | start_time          | end_time            |
+----------------+--------------------------------------------+---------------------+---------------------+
| 20160513144442 | InitialDb                                  | 2018-04-27 13:40:21 | 2018-04-27 13:40:27 |
| 20161116145527 | RemoveLabelFields                          | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161118142221 | AddRwdUsersAnrs                            | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161118152334 | AddCreatorUsersAnrs                        | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161124105117 | DefaultModeGeneric                         | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161125130428 | AnrAddModelId                              | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161129110011 | AddQuestionsTables                         | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161129145501 | InterviewsDate                             | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161130144341 | DeleteSnapshot                             | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161201140911 | ResponsesQuestions                         | 2018-04-27 13:40:27 | 2018-04-27 13:40:27 |
| 20161202133452 | Recommandations                            | 2018-04-27 13:40:27 | 2018-04-27 13:40:28 |
| 20161209151428 | ObjectRemoveModel                          | 2018-04-27 13:40:28 | 2018-04-27 13:40:29 |
| 20161213134211 | RecommandationsHisto                       | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161213134223 | AnrRemoveSnapshotIds                       | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161215093042 | RecommandationsHistoModifications          | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161217021437 | AddScalesUpdatableAnr                      | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161217172837 | AddUserCurrentAnrId                        | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161219105117 | RecommandationsHistoDelete                 | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161219111637 | UserCurrentAnrIdDelete                     | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161219112517 | DeleteUser                                 | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161222092728 | AnrUpdateSeuils                            | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20161227114041 | InstancesRisksOp                           | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170102105756 | RemoveServerIdFromClientsTable             | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170106105028 | InstancesUpdatePositions                   | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170111131545 | QuestionAddMode                            | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170113132351 | InstanceRisksOpForeignKeys                 | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170113161631 | DeliveriesVersion                          | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170126132609 | RecommandationsRebuildPositions            | 2018-04-27 13:40:29 | 2018-04-27 13:40:29 |
| 20170223160719 | RemoveThreatsUnusedCols                    | 2018-04-27 13:40:29 | 2018-04-27 13:40:30 |
| 20170223163433 | UpdateScalesLabelPersonalEn                | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20170421160033 | UpdateTrendFieldDefault                    | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20170613110001 | UpdateThreatSizeField                      | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20170809073537 | RemoveCategoriesColumnFromOperationalRisks | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20171117115809 | RemoveUselessInformationinClientTable      | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20180322092327 | AddTableDeliveriesModels                   | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20180426205649 | UseDefaultTemplateFolderOnFo               | 2018-04-27 13:40:30 | 2018-04-27 13:40:30 |
| 20180531082340 | RemovePhoneNumberFromUsersTable            | 2018-07-06 12:19:51 | 2018-07-06 12:19:51 |
| 20180607081807 | ValidateRecForRiskOp                       | 2018-07-06 12:19:51 | 2018-07-06 12:19:52 |
| 20180608121012 | OperationalRisksAreNotUpdated              | 2018-07-06 12:19:52 | 2018-07-06 12:19:52 |
+----------------+--------------------------------------------+---------------------+---------------------+
@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 13, 2018

All seems good.
And if you look here (just after the login):

screenshot_20180713_085411

Is there any error?

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 13, 2018

I receive a token on auth then, 401 on user-roles

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 13, 2018

Maybe the application is no more able to write in data/ ?
You can delete data/cache and data/DoctrineORMModule directories.

Do you have a lot of stacked error messages at the right of the Web page?

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 13, 2018

Write permission is ok (www-data/minarc 755), folder purged, new files gets created. I have no console error except the 401 call to user-roles :/

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 16, 2018

Hi there,

Any other idea ? I can add some debug code to JS scripts if needed.

Adam.

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 16, 2018

Hello,

yes if you see something other interesting, you can share it. Actually we're running out of ideas, since all seems fine and we never something like this...

if it would have been a HTTP 500 error I would have asked you to check also the disk space, but it's a 401.

But maybe there is something interesing in the JS output....

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 16, 2018

        var updateRoles = function (promise) {
            $http.get('api/users-roles').then(
                function (data) {
                    if (data.status == 200 && data.data && data.data.roles) {
                        self.permissionGroups = [];

                        for (var i = 0; i < data.data.roles.length; ++i) {
                            self.permissionGroups.push(data.data.roles[i].role);
                        }

                        localStorageService.set('permission_groups', JSON.stringify(self.permissionGroups));

                        if (promise) {
                            promise.resolve(true);
                        }
                    } else {
                        self.authenticated = false;
                        self.token = null;

                        if (promise) {
                            promise.reject();
                        }
                    }
                },
                function (data) {
                    self.authenticated = false;
                    self.token = null;

                    if (promise) {
                        toastr.error(gettextCatalog.getString("All your rights have been revoked. Please contact the manager for your organization"))
                        promise.reject(true);
                    }
                }
            )
        };

It's happening there but as a non JS developper I'm having hard time understanding this code.
The error showing up is the toastr call from the "second callback". What this code means ? Two callbacks attached to the then() method ?

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 16, 2018

This code is OK. I thought you saw something in he console log.

From the previous logs we saw that there is a 401 HTTP return code. So the second then() handler is executed. The problem is probably in the backend. Possibly in https://github.com/monarc-project/monarc-project/zm-client/blob/a6669bf4189996a182f1ad32f0e2fb8cdd32a145/src/MonarcFO/Controller/ApiAdminUsersRolesController.php or here https://github.com/monarc-project/zm-core/blob/e9d1db2beb91a48c94e2f5940f1b7f437494daa7/src/MonarcCore/Service/UserRoleService.php .
Maybe you can add some print debug in this side. The exception may be raised somewhere in UserRoleService.php . I am really curious about that...

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 23, 2018

Hello,

Any idea of which method I should check ?
I tried adding some debug on the first one I say (getList) and it is called at least one and returns and empty array sadly.

Regards, Adam.

@eLvErDe

This comment has been minimized.

eLvErDe commented Jul 23, 2018

public function getList [...]

        return $userRoleTable->getRepository()->createQueryBuilder('t')
            ->select(['t.id', 't.role'])
            ->where('t.user = :id')
            ->setParameter(':id', $filter)
            ->getQuery()->getResult();

This code returns nothing and it seems to be enough to get the role error message. Other method don't seem to be called.

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Jul 25, 2018

Our problem is that actually we do not see any problem and we still have no way to reproduce the problem or other occurrence of this. If there is a problem it should be clearly be in the backend side, in the controllers or services.

@lcpdn

This comment has been minimized.

lcpdn commented Aug 27, 2018

Hi.
I have an almost similar problem. Except, it is on a fresh install when trying to access the new account admin@admin.test.

There is effectively a 401 error in the Apache logs for the ressource: api/users_roles, but in the browser console, I get the following traces (on gist: https://gist.github.com/lcpdn/96edef8604af77b7e892ba3f76eab99b ). And I have a lot of stacked error messages at the right of the Web page.

Has there been any progress on this issue ?

My distribution is: Linux 4.15.0-32-generic #35-Ubuntu SMP Fri Aug 10 17:58:07 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Many thanks,

@eLvErDe

This comment has been minimized.

eLvErDe commented Aug 27, 2018

Sorry, no progress. There was not much done yet so we started over on a fresh install....

@jerolomb

This comment has been minimized.

Contributor

jerolomb commented Aug 28, 2018

@lcpdn your problem seems different. If you have a lot of red box on the right of the screen, it's probably a right error or a repository which is not created.

Can you check if in the repository of the installation you have the folder ./data/cache which 755 rights ?

@cedricbonhomme cedricbonhomme added the bug label Oct 8, 2018

@cedricbonhomme

This comment has been minimized.

Member

cedricbonhomme commented Oct 8, 2018

we have a potential fix, finally. Will be in the next release.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment