On March 26, 2019 we launched new MODX Forums. Please join us at the new MODX Community Forums.
Subscribe: RSS
  • pierrot1010 Reply #1, 3 years ago
    Dear All,

    I just installed and setup a MODX2.5.7 web site and I now setup ACL permission following that procedure

    I flushed the permission.

    Now when I log with an user account with edit permission, after selecting a ressource, I receive that error messge
    Code: 200 OK
    {"success":false,"message":"Autorisation refus\u00e9e !","total":0,"data":[],"object":[]}

    I surfed into the MODX forum I found serveral solution. Those solution work for the forum topic owner.
    One of them what to check and select view_user and class_map. I also red to change the setting compress_css and compress_js to false.

    Even if I tried those solution, it did not solve my issue. Did I missed something?

    I would like to point out, this issue happen only for user with edit permission. For my admin account, I do not experience that issue.

    So, I wunder, if you would have another solution to help me to solve it

    Many that for your support

    This question has been answered by multiple community members. See the first response.

    • This may not help, but flushing permissions alone is not enough. You also have to flush sessions (log everyone out) after making any permission changes. And if you're changes aren't taking effect, it doesn't hurt to also delete all files in the core/cache directory.

      To see if this is really a MODX permissions issue, temporarily make the user a sudo user. If that solves it, it's definitely a MODX permission issue.

      Another good technique is to temporarily change the policy to a duplicate of the Administrator Policy for Context Access ACL entries, or a duplicate of the Resource policy for Resource Group Access ACL entries. If that fixes things, you can then start unchecking permissions in the policy until it breaks down. That will tell you which permission was missing. [ed. note: BobRay last edited this post 3 years ago.]
        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
      • From my experience with this it's usually due to disallowing permission to something that is still being loaded on the resources. I often find it an easier process to first create a custom form manager that removes the fields and tabs I don't want the user to be able to edit and then go in and selectively disable permissions with ACL.
          ■ email: lk@alienbuild.uk | ■ website: https://alienbuild.uk

          The greatest compliment you can give back to us, is to spend a few seconds leaving a rating at our trustpilot: https://uk.trustpilot.com/review/alienbuild.uk about the service we provided. We always drop mention of services offered by businesses we've worked with in the past to those of interest.
        • pierrot1010 Reply #4, 3 years ago
          Thank for your support,

          I granted the user with sudo
          I flush the permission and I cleaned the cache from
          I unlog all users
          I deleted /core/cache
          I logged with the user and I still have this error message shocked(

          However, when I check the sudo check box for the user, the problem is solved. Thank!

          But I do not want to keep her as sudo. Any idea what I need to change in my policy?
          • pierrot1010 Reply #5, 3 years ago
            this thing I do not understand.

            I previously build a web site with MODx 2.5.1 and I do have that issue. I compare all setting and policies and all seams to be egal.

            The difference between two site, 2.5.1 is in two language and the actual web site 2.5.7 has only one language

            Can this problem come from the .htaccess file? (I configure URL friendly for both but the htaccess is a bit difference as I am using Babel for the multilanguage...

            I become creasy shocked)
            • discuss.answer
              Mark Hamstra Reply #6, 3 years ago
              The view_templates permission is also required for an editor user, make sure that one is ticked as well.

              There was a change (caused by me, sorry tongue) in 2.5.1 or 2.5.2 where some actions were assigned a new permission. That was meant to combat a security issue, but had the side effect of requiring a new permission in some cases. That explains why you would not have that problem on an older site with the same permission set (though you really must update that ASAP, the security issues fixed in 2.5.2 are quite severe).

              It's highly unlikely that a .htaccess file causes that error, but that's easy to disprove. Simply rename it to something else for a moment and verify that the problem is still present.
                Mark Hamstra • Developer spending his days working on Premium Extras and a MODX Site Dashboard with the ability to remotely upgrade MODX and extras to make the MODX world a little better.

                Tweet me @mark_hamstra, check my infrequent blog at markhamstra.com, my slightly more frequent ramblings at MODX.today or see code at Github.
              • discuss.answer
                pierrot1010 Reply #7, 3 years ago
                Thank a lot, Mark!!!!! That solved my problem!!!

                I checked 'view_templates'
                I logged out the user
                I cleaned cache and emptied /core/cache
                I logged user and .... solved!!