nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net

New user can't access credential items "No data to display! Either no folder already exists, either you have access to none of them" #3384

Open gilangvperdana opened 1 year ago

gilangvperdana commented 1 year ago
### Steps to reproduce

1. Create new User with Roles
2. New user login then goes to Password tabs
3. User gets "No data to display! Either no folder already exists, either you have access to none of them."

### Expected behaviour

New users should be able to access the folder according to the role that the admin has assigned

### Actual behaviour

In fact the new user cannot access the folder according to the role, the new user gets the information "new users should be able to access the folder according to the role that the admin has assigned"

![image](https://user-images.githubusercontent.com/67575515/197781611-0906b159-cffb-4e77-8f73-e2c3f5bf0d07.png)
![image](https://user-images.githubusercontent.com/67575515/197780894-863a4862-6ac0-4bd1-a7b4-d775a64d32ee.png)

### Server configuration

**Operating system**: Ubuntu 20.04 LTS

**Web server:** Apache/2.4.41

**Database:** 5.5.5-10.3.34-MariaDB-0ubuntu0.20.04.1

**PHP version:** 7.4.3

**Teampass version:** 3.0.0.20

**Teampass configuration file:** Not needed.

**Updated from an older Teampass or fresh install:**

PLEASE attach to this issue the file `/includes/config/tp.config.php`.

```
'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '0',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/html/TeamPass',
'cpassman_url' => 'https://
'favicon' => 'https:///favicon.ico',
'path_to_upload_folder' => '/var/www/html/TeamPass/upload',
'path_to_files_folder' => '/var/www/html/TeamPass/files',
'url_to_files_folder' => 'http:///files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'cpassman_version' => '3.0.0.19',
'ldap_mode' => '0',
'ldap_type' => '0',
'ldap_suffix' => '0',
'ldap_domain_dn' => '0',
'ldap_domain_controler' => '0',
'ldap_user_attribute' => '0',
'ldap_ssl' => '0',
'ldap_tls' => '0',
'ldap_elusers' => '0',
'ldap_search_base' => '0',
'ldap_port' => '389',
'richtext' => '0',
'allow_print' => '1',
'roles_allowed_to_print' => '0',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '1',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '0',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '1',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1661159565',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => ''
'email_smtp_auth' => '1',
'email_auth_username' => ''
'email_auth_pwd' => ''
'email_port' => '587',
'email_security' => 'tls',
'email_server_url' => '',
'email_from' => ''
'email_from' => ''
'pwd_maximum_length' => '40',
'google_authentication' => '1',
'delay_item_edition' => '0',
'allow_import' => '1',
'proxy_ip' => ''
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => '',
'api' => '0',
'subfolder_rights_as_parent' => '1',
'show_only_accessible_folders' => '0',
'enable_suggestion' => '0',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => '/var/www/html/TeamPass/backups',
'bck_script_filename' => 'bck_teampass',
'syslog_enable' => '0',
'syslog_host' => 'localhost',
'syslog_port' => '514',
'manager_move_item' => '1',
'create_item_without_password' => '0',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'Asia/Jakarta',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '0',
'disable_show_forgot_pwd_link' => '0',
'offline_key_level' => '0',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '0',
'secure_display_image' => '1',
'upload_zero_byte_file' => '0',
'upload_all_extensions_file' => '1',
'bck_script_passkey' => ''
'admin_2fa_required' => '0',
'password_overview_delay' => '4',
'copy_to_clipboard_small_icons' => '1',
'duo_ikey' => 'admin',
'duo_skey' => '',
'duo_host' => '',
'duo_failmode' => 'secure',
'teampass_version' => '',
'roles_allowed_to_print_select' => '[1,2,3,6,7]',
'clipboard_life_duration' => '30',
'mfa_for_roles' => '',
'tree_counters' => '0',
'settings_offline_mode' => '0',
'settings_tree_counters' => '0',
'enable_massive_move_delete' => '0',
'email_debug_level' => '0',
'ga_reset_by_user' => '1',
'onthefly-backup-key' => ''
'onthefly-restore-key' => ''
'ldap_user_dn_attribute' => '',
'ldap_dn_additional_user_dn' => '',
'ldap_user_object_filter' => '',
'ldap_bdn' => '',
'ldap_hosts' => ''
'ldap_password' => ''
'ldap_username' => '',
'api_token_duration' => '60',
'enable_tasks_manager' => '0',
'task_maximum_run_time' => '300',
'tasks_manager_refreshing_period' => '20',
'maximum_number_of_items_to_treat' => '100',
'can_create_root_folder' => '1',
```

### Client configuration

**Browser:** Google Chrome

**Operating system:** Windows 10

### Logs

#### Web server error log

```
2022/10/25 12:27:57 [error] 766480#766480: *106230 FastCGI sent in stderr: "PHP message: PHP Notice: Undefined index: en_lang in /var/www/html/TeamPass/sources/main.functions.php on line 74PHP message: PHP Notice: Trying to access array offset on value of type null in /var/www/html/TeamPass/sources/main.functions.php on line 74PHP message: PHP Notice: Trying to access array offset on value of type bool in /var/www/html/TeamPass/sources/main.functions.php on line 77" while reading response header from upstream, client: 180.244.163.119, server: teampass.id, request: "GET /index.php?page=profile&tab=timeline HTTP/2.0", upstream: "fastcgi://unix:/var/run/php/php7.4-fpm.sock:", host: "teampass.id", referrer: "https://teampass.id/index.php?page=items"
```

#### Log from the web-browser developer console (CTRL + SHIFT + i)

```
Uncaught TypeError: Cannot read properties of undefined (reading 'can_create_root_folder')
    at Object.success (index.php?page=items:6233:40)
    at c (jquery.min.js:2:28327)
    at Object.fireWith [as resolveWith] (jquery.min.js:2:29072)
    at l (jquery.min.js:2:79901)
    at XMLHttpRequest. (jquery.min.js:2:82355)
```

nilsteampassnet commented 1 year ago

This user has been created from the admin page?

nilsteampassnet commented 1 year ago

I just performed the described steps.

- Created a new user with the role called "Default" (that provides access to a set of folders)
- Did wait until account is generated.
- Get logged with new user login and pwd
- Provided Encryption code for this usage
- User could browse folders and objects.

Is there something special regarding the role you defined during user creation? Please also update to latest commit. I can see you wrote tp version is 3.0.0.20 but settings infos say `'cpassman_version' => '3.0.0.19'`. This should fix the error you have in web server log.

gilangvperdana commented 1 year ago

> This user has been created from the admin page?

right, the user is created from the admin page

> I just performed the described steps.
>
> - Created a new user with the role called "Default" (that provides access to a set of folders)
> - Did wait until account is generated.
> - Get logged with new user login and pwd
> - Provided Encryption code for this usage
> - User could browse folders and objects.
>
> Is there something special regarding the role you defined during user creation? Please also update to latest commit. I can see you wrote tp version is 3.0.0.20 but settings infos say `'cpassman_version' => '3.0.0.19'`. This should fix the error you have in web server log.

Thanks for your answer. Sorry, my bad, I wrote the wrong tp config in this issue. My cpassman_version is 3.0.0.20 too. I don't think it's because of version 3.0.0.20, because previously this version was fine, and I've tried updating to the latest commit but am still encountering the same error. Regarding special treatment, I don't do that at all; this problem comes suddenly on new users (not for existing users).

by the way, thank you for your hard work

nilsteampassnet commented 1 year ago

Do you think we could have a TV session so that I could see the thing?

gilangvperdana commented 1 year ago

> Do you think we could have a TV session so that I could see the thing?

OK, I will first reproduce the steps that cause the error, then I will tell you next time.
Thanks for your answer and good work

fsatrion commented 1 year ago

> Do you think we could have a TV session so that I could see the thing?

Hi, I have the same issue. After checking my TeamPass DB, I see I forgot to define the charset as utf8 and am now using charset latin1. Is this the cause of the issue?

image

gilangvperdana commented 1 year ago

> > Do you think we could have a TV session so that I could see the thing?
>
> Hi, I have the same issue. After checking my TeamPass DB, I see I forgot to define the charset as utf8 and am now using charset latin1. Is this the cause of the issue?
>
> image

Yes, it happens that the database I'm using also uses a latin1 charset like @fsatrion. Is it true that this is causing the problem? Thanks for your answer @nilsteampassnet

nilsteampassnet commented 1 year ago

I don't know if DB charset can have an impact. Nevertheless all stuff behind teampass uses utf8 so indeed we can have a broken mysql answer. But in such case we should have an error. It would be appreciated to check your mariadb log for any error, and share them here.

When looking at the screenshot provided by @fsatrion in #3409, we can see in the console the keyword FALSE just after "TREE". This false indicates that the query permitting the refresh of the tree folders returns something not managed by the error handler, which sounds strange. So the issue is there but now why? I don't know. I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).

What you can check is also this. From your DB, check what is the ID of the newly created user from table users. Then open table cache_tree and look if you find an entry for this user_id. And check if fields visible_folders and folders are filled in.

fsatrion commented 1 year ago

> I don't know if DB charset can have an impact. Nevertheless all stuff behind teampass uses utf8 so indeed we can have a broken mysql answer. But in such case we should have an error. It would be appreciated to check your mariadb log for any error, and share them here.
>
> When looking at the screenshot provided by @fsatrion in #3409, we can see in the console the keyword FALSE just after "TREE". This false indicates that the query permitting the refresh of the tree folders returns something not managed by the error handler, which sounds strange. So the issue is there but now why? I don't know. I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).
>
> What you can check is also this. From your DB, check what is the ID of the newly created user from table users. Then open table cache_tree and look if you find an entry for this user_id. And check if fields visible_folders and folders are filled in.

Thank you for your response. After I checked the mariadb log, there is no error log in there. The new user is "cobaa" with id "10000104", but when I check cache_tree it is an empty set. Is this the problem? And how to fix it?

image

lollko commented 1 year ago

If I check php-fpm I found this, maybe it is important

```
[11-Nov-2022 09:29:46 UTC] PHP Warning:  Undefined array key "otp_provided" in /var/www/TeamPass1/sources/users.datatable.php on line 241
[11-Nov-2022 09:29:46 UTC] PHP Warning:  Undefined array key "is_ready_for_usage" in /var/www/TeamPass1/sources/users.datatable.php on line 248
[15-Nov-2022 10:47:57 UTC] PHP Warning:  Undefined array key "id" in /var/www/TeamPass1/sources/items.logs.php on line 112
```

nilsteampassnet commented 1 year ago

> If I check php-fpm I found this, maybe it is important
>
> ```
> [11-Nov-2022 09:29:46 UTC] PHP Warning:  Undefined array key "otp_provided" in /var/www/TeamPass1/sources/users.datatable.php on line 241
> [11-Nov-2022 09:29:46 UTC] PHP Warning:  Undefined array key "is_ready_for_usage" in /var/www/TeamPass1/sources/users.datatable.php on line 248
> [15-Nov-2022 10:47:57 UTC] PHP Warning:  Undefined array key "id" in /var/www/TeamPass1/sources/items.logs.php on line 112
> ```

I don't think so; nevertheless I will check why you have those.

@fsatrion I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).

gilangvperdana commented 1 year ago

> > I don't know if DB charset can have an impact. Nevertheless all stuff behind teampass uses utf8 so indeed we can have a broken mysql answer. But in such case we should have an error. It would be appreciated to check your mariadb log for any error, and share them here.
> >
> > When looking at the screenshot provided by @fsatrion in #3409, we can see in the console the keyword FALSE just after "TREE". This false indicates that the query permitting the refresh of the tree folders returns something not managed by the error handler, which sounds strange. So the issue is there but now why? I don't know. I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).
> >
> > What you can check is also this. From your DB, check what is the ID of the newly created user from table users. Then open table cache_tree and look if you find an entry for this user_id. And check if fields visible_folders and folders are filled in.
>
> Thank you for your response. After I checked the mariadb log, there is no error log in there. The new user is "cobaa" with id "10000104", but when I check cache_tree it is an empty set. Is this the problem? And how to fix it?
>
> image

Hi @nilsteampassnet, I seem to have figured out why some users are not logged into the teampass_cache_tree table, like in @fsatrion's case. I saw the data type of the increment_id column in the teampass_cache_tree table is tinyint, i.e. max at 127. Can you change the increment_id data type to INT or maybe BIGINT? What do you think @nilsteampassnet? #CMIIW

Evidence

image

Thank you for your answer
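
The two checks discussed in this thread (whether a new user has a `cache_tree` row, and whether `increment_id` has run out of range) can be run as the MariaDB queries below. This is an added example, not TeamPass code or an official migration; the `teampass_users` table name (same prefix as `teampass_cache_tree`) and its `login` column are assumptions, and the user id is the one quoted above.

```sql
-- Added diagnostic example for MariaDB; run inside the TeamPass database.
-- Assumed names: teampass_users and its login column (not shown in the thread).

-- 1. Declared type of the auto-increment key, the next value the table will
--    hand out, and the highest value actually stored. A signed TINYINT stops
--    at 127; once the counter reaches the limit, further INSERTs are rejected.
--    Deleting rows does not move the counter back, so next_value can be far
--    above highest_stored.
SELECT c.COLUMN_TYPE,
       c.EXTRA,
       t.AUTO_INCREMENT AS next_value,
       (SELECT MAX(increment_id) FROM teampass_cache_tree) AS highest_stored
FROM information_schema.COLUMNS AS c
JOIN information_schema.TABLES  AS t
  ON t.TABLE_SCHEMA = c.TABLE_SCHEMA
 AND t.TABLE_NAME   = c.TABLE_NAME
WHERE c.TABLE_SCHEMA = DATABASE()
  AND c.TABLE_NAME   = 'teampass_cache_tree'
  AND c.COLUMN_NAME  = 'increment_id';

-- 2. The per-user check suggested by the maintainer: is there a cache row for
--    this user_id, and are visible_folders and folders filled in?
SELECT increment_id,
       user_id,
       CHAR_LENGTH(visible_folders) AS visible_folders_len,
       CHAR_LENGTH(folders)         AS folders_len
FROM teampass_cache_tree
WHERE user_id = 10000104;   -- id reported in the thread

-- 3. Every account that has no cache row at all, to compare against the
--    logins that see "No data to display!".
SELECT u.id, u.login
FROM teampass_users AS u
LEFT JOIN teampass_cache_tree AS ct ON ct.user_id = u.id
WHERE ct.user_id IS NULL
ORDER BY u.id;

-- 4. The schema change proposed by the reporters (not confirmed by the
--    maintainer in this thread). Take a database backup before running it.
ALTER TABLE teampass_cache_tree
  MODIFY increment_id INT NOT NULL AUTO_INCREMENT;
```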

fsatrion commented 1 year ago

> > > I don't know if DB charset can have an impact. Nevertheless all stuff behind teampass uses utf8 so indeed we can have a broken mysql answer. But in such case we should have an error. It would be appreciated to check your mariadb log for any error, and share them here.
> > >
> > > When looking at the screenshot provided by @fsatrion in #3409, we can see in the console the keyword FALSE just after "TREE". This false indicates that the query permitting the refresh of the tree folders returns something not managed by the error handler, which sounds strange. So the issue is there but now why? I don't know. I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).
> > >
> > > What you can check is also this. From your DB, check what is the ID of the newly created user from table users. Then open table cache_tree and look if you find an entry for this user_id. And check if fields visible_folders and folders are filled in.
> >
> > Thank you for your response. After I checked the mariadb log, there is no error log in there. The new user is "cobaa" with id "10000104", but when I check cache_tree it is an empty set. Is this the problem? And how to fix it?
> >
> > image
>
> Hi @nilsteampassnet, I seem to have figured out why some users are not logged into the teampass_cache_tree table, like in @fsatrion's case. I saw the data type of the increment_id column in the teampass_cache_tree table is tinyint, i.e. max at 127. Can you change the increment_id data type to INT or maybe BIGINT? What do you think @nilsteampassnet? #CMIIW
>
> Evidence
>
> image
>
> Thank you for your answer

Hi @nilsteampassnet, I think the suggestion from @gilangvperdana to change the data type of increment id to a higher range like smallint is possible to implement, because when I create a new user or change the role of an existing user, the increment value still increases and does not continue from the last value stored in the db.

Here I deleted all cache tree entries with increment_id >10 and changed the data type of increment_id to smallint, then created a new user again. The cache tree from the new user will be stored with the last value count (by program), not continue from the last value in increment_id. Maybe this is what causes us to run out of range using tinyint.

image

Maybe do you have any solution for this issue? I don't know about the impact when we change the data type to smallint.

fsatrion commented 1 year ago

> > > > I don't know if DB charset can have an impact. Nevertheless all stuff behind teampass uses utf8 so indeed we can have a broken mysql answer. But in such case we should have an error. It would be appreciated to check your mariadb log for any error, and share them here.
> > > >
> > > > When looking at the screenshot provided by @fsatrion in #3409, we can see in the console the keyword FALSE just after "TREE". This false indicates that the query permitting the refresh of the tree folders returns something not managed by the error handler, which sounds strange. So the issue is there but now why? I don't know. I would need to have to investigate on your server if we can arrange a TV session (contact me by email at nils@teampass.net).
> > > >
> > > > What you can check is also this. From your DB, check what is the ID of the newly created user from table users. Then open table cache_tree and look if you find an entry for this user_id. And check if fields visible_folders and folders are filled in.
> > >
> > > Thank you for your response. After I checked the mariadb log, there is no error log in there. The new user is "cobaa" with id "10000104", but when I check cache_tree it is an empty set. Is this the problem? And how to fix it?
> > >
> > > image
> >
> > Hi @nilsteampassnet, I seem to have figured out why some users are not logged into the teampass_cache_tree table, like in @fsatrion's case. I saw the data type of the increment_id column in the teampass_cache_tree table is tinyint, i.e. max at 127. Can you change the increment_id data type to INT or maybe BIGINT? What do you think @nilsteampassnet? #CMIIW
> >
> > Evidence
> >
> > image
> >
> > Thank you for your answer
>
> Hi @nilsteampassnet, I think the suggestion from @gilangvperdana to change the data type of increment id to a higher range like smallint is possible to implement, because when I create a new user or change the role of an existing user, the increment value still increases and does not continue from the last value stored in the db.
>
> Here I deleted all cache tree entries with increment_id >10 and changed the data type of increment_id to smallint, then created a new user again. The cache tree from the new user will be stored with the last value count (by program), not continue from the last value in increment_id. Maybe this is what causes us to run out of range using tinyint.
>
> image
>
> Maybe do you have any solution for this issue? I don't know about the impact when we change the data type to smallint.

Hi @nilsteampassnet, what do you think about this? If we change the data type, what will be the impact in the future?