exside
commented
11 years ago exside submitted:
OK, I think I see what's happening!
If you have a look at the screenshots I attached in the opening post then you can see there in the policy templates section that there are Templates like "AdminTemplate" or "MemberTemplate" or "EditorTemplate"...I have never created them^^...I just use the "AdministratorTemplate" for most of my custom policies, so these were somehow created, for whatever reason, AND they were also linked to the ACL with the "same" name, so the ACL "Editor" is now linked to "EditorTemplate" instead of "AdministratorTemplate" as it was before the update, same for "Admin" / "AdminTemplate" (instead of "AdministratorTemplate") and so on, this was written to the db, so there the "Admin" ACL now has a Template of ID 7 (which is that magically created empty AdminTemplate) instead of 1 (which would be the AdministratorTemplate), this goes on for every custom created policy which has now an unwanted custom created template with a camelCased Template behind it's name^^...wtf =)
I just tried to manually set the template id of "Admin" back to 1 in the db itself and see, tada...it works again^^, did that with the others too, deleted the "magically" created templates and now the system works again as it should!
Just notice that there is an AdministratorTemplate assigned to the Media Source User (standard policy) and created a new template "MediaSourceAdminTemplate" which is linked to the Media Source Admin (standard policy)...
I also attached a new screenshot of an "old" 2.2.6 installation with a similar permission setup, that's how it should look =D... I think this "bug" or whatever it is should be a reason for a pl2 fix^^, in bigger installation this could f*\ things up big time (at least if I'm not the only one having this isse...)
gadamiak
netProphET
pixelchutes
exside created Redmine issue ID 9826
OK, I've just spend a half day trying to find out what's going on (without breaking the site because the editors work on it) and this seems really a bad one^^... discovered it after checking my own permissions when I read this: http://forums.modx.com/thread/83813/problems-with-2-2-7-upgrade-access-policy-templates#dis-post-462704
seems my case is even worse.
I have several (4) duplicated Permissions (Administrator, Content Editor x 3) which I edited to fit my needs. This seems to be the only way the permissions don't get overwritten when you update (because the standard ones get reset), the problem is now, that these are somehow not editable and not loaded into the grid (the names are, see screenshots), luckily they're still in the db (modx_access_policies table) and thus work, but I cannot edit them, which is very bad...
I exported one of these and I get a (at least seem to me) correct xml output with all the permissions, like everything is fine.
It gets worse, when I re-import that just exported policy, it get's added to the grid in the manager, BUT NOT into the DB table, there is no new row, nothing (although the ajax processor says success somehow, nothing red in firebug when watching the network tab)...the problem is now that I CAN'T DELETE any of the policies, so I have na a "Duplicate of Admin" which isn't in the DB, also doesn't have any permissions in it and I also cannot delete it from the grid via right click -> remove ^^ the grid row count at the bottom shows strange stuff like 1-15 from 14 =D...I absolutely don't get it, I can then clear the modx cache (also cleared browser cache, just in case) and that "phantom" ACL is gone again from the grid.
So basically the permission system seems completely broken after an update from 2.2.6pl-advanced to 2.2.7pl-advanced, didn't want to try it with another installation yet. Would be interested is this is just an issue with my installation or does somebody else have these issues too?