#2111 Logging into Fedora Insight when not in cmsadmin group gives 403 error
Closed: Fixed None Opened 13 years ago by rbergero.

= phenomenon =
When logging into zikula / FI on pt6 as new users "robynztest", get the following error:


Access denied (error 403)
Sorry! You don't have authorisation for the page you wanted.
Additional information
Sorry! You have not been granted access to this page.


Simon posted an email to the logistics list this afternoon saying there is a patch -
http://lists.fedoraproject.org/pipermail/logistics/2010-April/000500.html

That email posted approximately the same time that Hiemanshu/Gwerra posted that he thought he had fixed the problem. I'm not sure if Hiemanshu applied the patch, or something else.

At this point: users not in cmsadmin no longer have administrative access when they log in - but they are not able to log in past a 403 error. The new users do get added to the "users" group - and not the "administrators" group - so we need to figure out why they're getting a 403.

= reason =

= recommendation =


This is still happening as of this morning. Reminder that our go/no-go is scheduled for this afternoon (1800 UTC) in #fedora-mktg.

I'm fixed some details on the group sync, it could be fixed now.
There was an "arguments error" when logged on, now it's gone.
I don't have a "normal" account to test if the 403 persists.

The file I've fixed (/modules/AuthFAS/pnuserapi.php) is only on pt6, no SVN sync.

With SVN sync I mean:
I know that the AuthFAS module has its SVN repository, but I don't know where is it. The fixes are on the live site ONLY.

Greetz

Just tested.

Username dagny (in the cmsadmin group, and cla_done) now ALSO gets a 403 error when logging in. So now people in cmsadmin can't even log in and get the administrator panel.

Username rbergero (not in cmsadmin, but is in cla_done - should just be a regular user) is still getting a 403.

Simon indicated he fixed this, but without any commit or patch, we can't tell what was done: http://lists.fedoraproject.org/pipermail/logistics/2010-April/000500.html

This problem is either still occurring, or wasn't fixed as expected.

Note that the 403 is currently only happening to regular users. People who are in cmsadmin do not get a 403 when they log in.

This is already solved :)

Login to comment on this ticket.

Metadata