-
- 118 Posts
User got this error window when open resource in manager:
Code: 200 OK
{"success":false,"message":"K\u00e4ytt\u00f6 estetty!","total":0,"data":[],"object":[]}
(K\u00e4ytt\u00f6 estetty! is "Permission denied" in finnish lang manager)
I have tried several solutions around forums but none of them work now.
I`m raised my hands to find what permission caused this.
Tassu, webmaster of Valokammi
-
- 24,544 Posts
First, be sure to flush both permissions and sessions after making any changes.
As a quick test, make the user a sudo user. If the problem persists, it's not a MODX permission problem and could be mod_security. If that fixes the problem, take away the sudo status and flush everything.
Look at all the permissions in both the user group's Context and Resource Group Access (if any) Policies. Look especially for the key words: load, list, view, edit, save, and update.
If that fails, check the checkbox for all the permissions on the user group's Context and Resource Group Access (if any) Policies. Then take them away, a few at a time, flushing and testing as you go until you find the critical permission.
-
- 118 Posts
Yes, these problems can be tricy to solve. Especially when they come from bushes. I did it with hard way, starting with full administrator access policy grid.
I attached policy template which worked for my purposses without error (I never found what exactly causes error) and are relatively safe user to use.
NOTE: Template contains user management and other policies that you may not need. Use your own risk this template and check it carefully. But no 200 ok errors.
Tassu, webmaster of Valokammi
Hi Folks, this appears to be a byproduct of changes to permissions in 2.5.4, the user would never have been able to see the templates but now, it's displaying the error that they do not have permission to see them. See:
https://github.com/modxcms/revolution/issues/13243
Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup
magician.
Blog ✦
Twitter ✦
LinkedIn ✦
GitHub
I am not suggesting this is the right outcome. The field should probably just be not rendered or disabled for the user who doesn't have permissions since my understanding is view_templates is related to seeing/accessing in the Elements tree. I could be wrong.
Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup
magician.
Blog ✦
Twitter ✦
LinkedIn ✦
GitHub
-
- 24,544 Posts
@clareoconsulting: Nice bug hunting.
Do you mind if I do a blog post on it?
-
- 109 Posts
@BobRay, no objections whatsoever.
-
- 24,544 Posts
Thanks.