@clareoconsulting Thanks for the debugging tip.
It is very helpful to allow the test user to flush his own permissions ( Access Policy: flush_sessions ) and the user has to see the "Manage" menu ( Access Policy: menu_tools ).
I got the same problem on every modx site after updating to 2.5.4 too.
I check the network traffic with the requests with the developer tools as clareoconsulting described.
In my case i had a security problem to get the users list. I added a group of editors without any administrator rights. They only should edit content, pictures and text. So i copied the default Content Editor policy and customized the custom copy.
On every saving action the permission denid message appered:
The dev-tools showed that:
https://
URL/connectors/index.phpid=action=security%2Fuser%2Fgetlist
parsed: action:security/user/getlist
I solved it to add the access poliy "
view_user".
Why is it necessary? The message appears when my editors got the default "Content Editor" policy.
After adding the "view_user" policy a new menu item appears in the "Manage" menu: "Users". When the editors clicking on it they getting an hard acceess denied.
Link of the "Users" menu:
https://
URL/manager/?a=security/user
Hard error message:
<div class="modx_error">
<h2><i class="icon icon-exclamation-triangle"></i> An error occurred...</h2>
<div class="error_container">
<p>Access denied.</p>
</div>
</div>
I think that is a bug.
btw: Why are the menu names in the acl are different to the real english names?
Example: access policy: menu_tools, description: Show the top menuu item "Tools", real name: "Manage"
[ed. note: i-am-neo last edited this post 7 years, 1 month ago.]