We launched new forums in March 2019—join us there. In a hurry for help with your website? Get Help Now!
    • 53738
    • 9 Posts
    Hi to all,

    Can anyone here try applying an ACL to MODX that run on Apache, PHP7 and MSSQL 2017?

    Heres my web server configuration

    (develoment server)

    XAMPP
    MSSQL 2017

    I am sucessfully run modx 2.5.7 based on setup above with some limited access to extra like MIGX and Collection but its works. Now i have situation here to restrict some users to access modx manager to hide some resources to non-admin users (Superuser) i.e editor users should see only resources that belong to thier Editor User Group as well to hide Elements, Global Settings and other function that not related to thier Editor User Group. I created a ACL, Role and Resource Group and successfully applied to Editor User Group same for Administrator User Group i created a different ACL, Role and Resource Group as high level Users.

    My problem now is;
    all resources still visible on editor users,
    and the assigning filesytem directory to editor user group is not work too.

    In my few website using MySQL i didnt encourter this error for applying ACL.

    Here's the error log based on MODX run on MSSQL 2017.

    2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:47:54] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:47:59] (ERROR @ D:\xampp\htdocs\test\core\xpdo\om\xpdoobject.class.php : 240) Error 42000 executing statement:
    Array
    (
    [0] => 42000
    [1] => 156
    [2] => [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Incorrect syntax near the keyword 'group'.
    )

    [2017-09-05 15:55:08] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 15:55:08] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method.
    [2017-09-05 15:55:10] (ERROR @ D:\xampp\htdocs\test\core\xpdo\om\xpdoobject.class.php : 240) Error 42000 executing statement:
    Array
    (
    [0] => 42000
    [1] => 156
    [2] => [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Incorrect syntax near the keyword 'group'.
    )

    [2017-09-05 17:07:14] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 644) Could not load class: modAccessNamespace from sqlsrv.modaccessnamespace.
    [2017-09-05 17:07:15] (ERROR @ D:\xampp\htdocs\test\core\xpdo\om\xpdoobject.class.php : 240) Error 42000 executing statement:
    Array
    (
    [0] => 42000
    [1] => 156
    [2] => [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Incorrect syntax near the keyword 'group'.
    )

    [2017-09-05 17:07:18] (ERROR @ D:\xampp\htdocs\test\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method. [ed. note: admore last edited this post 6 years, 6 months ago.]
      • 3749
      • 24,544 Posts
      Did you transfer the files individually with FTP? That often results in missing or corrupted files.

      Did you run setup on the site?

        Did I help you? Buy me a beer
        Get my Book: MODX:The Official Guide
        MODX info for everyone: http://bobsguides.com/modx.html
        My MODX Extras
        Bob's Guides is now hosted at A2 MODX Hosting
        • 53738
        • 9 Posts
        Quote from: BobRay at Sep 05, 2017, 07:18 PM
        Did you transfer the files individually with FTP? That often results in missing or corrupted files.

        Did you run setup on the site?


        hi Bobray thanks for the response, i transfer the files locally only and modx is fresh installation as well. I dont know if this one is related to MSSQL. Because i test different modx installation using MySQL i havent encountered this error.

        Regards
          • 53738
          • 9 Posts
          Quote from: BobRay at Sep 05, 2017, 07:18 PM
          Did you transfer the files individually with FTP? That often results in missing or corrupted files.

          Did you run setup on the site?


          hi Bobray thanks for the response, i transfer the files locally only and modx is fresh installation as well. I dont know if this one is related to MSSQL. Because i test different modx installation using MySQL i havent encountered this error.

          Regards
            • 3749
            • 24,544 Posts
            You ran setup, right? It never hurts to run it again (be sure it will run in Upgrade mode!).

            You can also look at the setup log (can't remember the location -- probably in the core/cache/logs directory) to see if you can spot any issues.
              Did I help you? Buy me a beer
              Get my Book: MODX:The Official Guide
              MODX info for everyone: http://bobsguides.com/modx.html
              My MODX Extras
              Bob's Guides is now hosted at A2 MODX Hosting
              • 53738
              • 9 Posts
              hi bobray,
              Yes, I run twice the setup. I sorted as well few errors stated in logs with the help of this link https://github.com/modxcms/revolution/issues/13172. I noticed also the modx_access_namespace table was not created in the database(MSSQL). And there's no modaccessnamespace.class.php and modaccessnamespace.map.inc.php files under of core\model\modx\sqlsrv. On schema modx.sqlsrv.schema.xml the modaccessnamespace existed. I managed to fix this by copying the files from core\model\modx\mysql and do few edits also create a table modx_access_namespace.
              Now my error now is this;

              (ERROR @ D:\xampp\htdocs\acl2\core\xpdo\xpdo.class.php : 762) modAccessNamespace::loadAttributes() is not a valid static method

              This is the last error i saw in my error logs.

              Thanks and Regards.
                • 3749
                • 24,544 Posts
                It looks like something is wrong with your modAccessNamespace class, or MODX is not loading the class. Here's the code of the class in my 2.5.7 install:

                <?php
                /**
                 * @package modx
                 * @subpackage mysql
                 */
                /**
                 * @package modx
                 * @subpackage mysql
                 */
                class modAccessNamespace extends modAccess {
                    /**
                     * Load the attributes for the ACLs for the context
                     *
                     * @static
                     * @param modX $modx A reference to the modX instance
                     * @param string $context The context to load from. If empty, will use the current context.
                     * @param int $userId The ID of the user to grab ACL records for.
                     * @return array An array of loaded attributes
                     */
                    public static function loadAttributes(&$modx, $context = '', $userId = 0) {
                        $attributes = array();
                
                        $accessTable = $modx->getTableName('modAccessNamespace');
                        $policyTable = $modx->getTableName('modAccessPolicy');
                        $memberTable = $modx->getTableName('modUserGroupMember');
                        $memberRoleTable = $modx->getTableName('modUserGroupRole');
                        if ($userId > 0) {
                            $sql = "SELECT acl.target, acl.principal, mr.authority, acl.policy, p.data FROM {$accessTable} acl " .
                                "LEFT JOIN {$policyTable} p ON p.id = acl.policy " .
                                "JOIN {$memberTable} mug ON acl.principal_class = 'modUserGroup' " .
                                "AND mug.member = :principal " .
                                "AND mug.user_group = acl.principal " .
                                "JOIN {$memberRoleTable} mr ON mr.id = mug.role " .
                                "AND mr.authority <= acl.authority " .
                                "ORDER BY acl.target, acl.principal, mr.authority, acl.policy";
                            $bindings = array(
                                ':principal' => $userId
                            );
                            $query = new xPDOCriteria($modx, $sql, $bindings);
                            if ($query->stmt && $query->stmt->execute()) {
                                while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) {
                                    $attributes[$row['target']][] = array(
                                        'principal' => $row['principal'],
                                        'authority' => $row['authority'],
                                        'policy' => $row['data'] ? $modx->fromJSON($row['data'], true) : array(),
                                    );
                                }
                            }
                        } else {
                            $sql = "SELECT acl.target, acl.principal, 0 AS authority, acl.policy, p.data FROM {$accessTable} acl " .
                                "LEFT JOIN {$policyTable} p ON p.id = acl.policy " .
                                "WHERE acl.principal_class = 'modUserGroup' " .
                                "AND acl.principal = 0 " .
                                "ORDER BY acl.target, acl.principal, acl.authority, acl.policy";
                            $query = new xPDOCriteria($modx, $sql);
                            if ($query->stmt && $query->stmt->execute()) {
                                while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) {
                                    $attributes[$row['target']][] = array(
                                        'principal' => 0,
                                        'authority' => $row['authority'],
                                        'policy' => $row['data'] ? $modx->fromJSON($row['data'], true) : array(),
                                    );
                                }
                            }
                        }
                
                        return $attributes;
                    }
                }


                loadAttributes() is its only method and it's definitely a valid static method. I'm not sure what would cause this, though.

                Check the paths and URLs in core/config/config.inc.php, especially the connectors path.
                  Did I help you? Buy me a beer
                  Get my Book: MODX:The Official Guide
                  MODX info for everyone: http://bobsguides.com/modx.html
                  My MODX Extras
                  Bob's Guides is now hosted at A2 MODX Hosting
                  • 53738
                  • 9 Posts
                  Hi Bobray,

                  I already fixed the error on my last post by adding modAccessNamespace(access_namespace) object in modx.sqlsrv.schema.xml and rerun setup.

                  <object class="modAccessNamespace" table="access_namespace" extends="modAccess">
                          <field key="context_key" dbtype="nvarchar" precision="100" phptype="string" null="false" default="" index="fk" />
                  
                          <index alias="context_key" name="context_key" primary="false" unique="false" type="BTREE">
                              <column key="context_key" length="" collation="A" null="false" />
                          </index>
                  
                          <aggregate alias="Target" class="modNamespace" local="target" foreign="name" owner="foreign" cardinality="one" />
                          <aggregate alias="Context" class="modContext" local="context_key" foreign="key" cardinality="one" owner="foreign" />
                      </object>


                  But when I'm testing again the ACL to restrict some resources to other users (e.g. Blog User Group users to this group only show blog resources, the rest are restricted by administrator). I attached screenshot my of configuration in ACL, sorry i can't put my dev. environment because I'm using locally only later if this ACL it works i will put into VPS. Anyway, seems the ACL still not working to restrict the resources to other users. And no error log at all register in logs. Kindly find my attachment for reference.

                  BTW my database is MSSQL 2017, all setup and configuration are done including pdo drivers for php.

                  Thanks again
                    • 3749
                    • 24,544 Posts
                    I can't see the screenshots because the forum no doesn't support uploaded shots at this time. You have to put them somewhere else and link to them.

                    Did you flush permissions and sessions after making your permission changes?

                    Are you testing from another browser where you're not logged in to the Manager?
                      Did I help you? Buy me a beer
                      Get my Book: MODX:The Official Guide
                      MODX info for everyone: http://bobsguides.com/modx.html
                      My MODX Extras
                      Bob's Guides is now hosted at A2 MODX Hosting
                      • 53738
                      • 9 Posts
                      Yes, I flush permission and session, log out all users and delete all cache files in cache folder. Yes, I'm using two(firefox and chrome) browser to test this ACL.

                      Heres the image link;

                      http://res.cloudinary.com/adisonbn/image/upload/v1505954227/MODX%20ACL/ACL1.png

                      http://res.cloudinary.com/adisonbn/image/upload/v1505954227/MODX%20ACL/ACL2.png

                      http://res.cloudinary.com/adisonbn/image/upload/v1505954226/MODX%20ACL/ACL3.png

                      http://res.cloudinary.com/adisonbn/image/upload/v1505954226/MODX%20ACL/ACL4.png

                      http://res.cloudinary.com/adisonbn/image/upload/v1505954227/MODX%20ACL/ACL5.png

                      (I edited this so that the links work -- Bob) [ed. note: BobRay last edited this post 6 years, 6 months ago.]