News:

Looking for documentation? Take a look on our wiki

Main Menu

Virtuemart 3.0.10 permissions error

Started by Bravestar, September 30, 2015, 17:03:17 PM

Previous topic - Next topic

Bravestar

Hi,

I have update my virtuemart store from 3.0.9.4 to 3.0.10 and i have problem with permissions.
I have set permissions for the group "administrator" to not see the virtuemart configurations, the coupons, the payment methods and other functions.

I didn't have any problem until the update.

After the update i'm facing problems like:

In categories i can't see any category.
The same problem happens in media files, everything are empty.
But the main problem is in products. When i click in products menu i can see the products normally in my list, but if i click on a product says :

Error

COM_VIRTUEMART_ALERTNOTAUTHOR

Can we please fix that?
There is any quick fix for that.

regards

jenkinhill

From the news of the 3.0.10 release:

ACL

Lean more about ACL and VirtueMart: http://docs.virtuemart.net/manual/general-concepts/185-administrative-frontend-access-with-acl.html
- new ACL system, added new class vmAccess
- complete Frontend managing system
- actions use the permissions of the user logged in the background (Shopperswitcher)

Kelvyn
Lowestoft, Suffolk, UK

Retired from forum life November 2023

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Bravestar

#2
Hi again,

I have read very carefully your link and documentation and my problem it has no similarities with that.

Fist of all i don't want Front End access to edit the shop.
My problem is in back end.

I have setup specific persmissions for administrator group.

When i check the option in the first tab "Configure ACL & Options" to "allowed" the administrator group is like super user, it see's everything. Every other permission i have set for virtuemart is ignored. 
If i select the option to "denied" then every persmission that i have set is applied, but it creates problem like i have describe in my first post.

Can you help me please ?

p.s. Also i have try to set a new usergroup under public and set from the beginning all the permissions for joomla and virtuemart but the results was the same.

Milbo

Please enable vmdebug and check the given vendorid (should be printed always).

And administrators are not superadmins. I think you must allow them any view manually. Check the permissions. The manual is also valid for the general ACL (it is just the old alias)
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

Bravestar

#4
hi again,

I have found the solution.
When i had the option "Manage Vendors" to "Not allowed", the permissions are not work correctly.
When i turn the "Manage Vendors" to "Allowed" then it works correctly.

Milbo

Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

Bravestar

This user has no vendor. Is just a joomla user in group Administrator.

My super user has vendor id in virtuemart.

Milbo

Any manager without vendor Id should get vendorId 1, hmmm, strange.
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/

n3t

New ACL is not backward compatible at all. Update from 3.0.9 to 3.0.10 made non Super Users unable to manage the store (at least from backend).
In my case, I have Administrators group, that previosly had only right "Access Administration Interface" in VM. After upgrade (untill now) I noticed this two issues
- Administrators do not see any category, so cannot choose category in product edit page
- Administrators are not able to add any image to product.

The first issue I solved by allowing everything at newly added ACL page "Product categories". More over I had to allow "Manage vendors" on "Permissions" page.

Second issue is bit funny. As far as I remember, previously when you select file from your computer for uploading, "Image action" automatically switched to "Upload". Not in 3.0.10. Means, that users has to select file and make one more click on upload. If they don´t nothing happens, not even some message. More over you have to allow ACL on page "Media". Again funny, when you upload new image (someone would say, that you create new media), you have to allow ACL "Edit", not "Create".

Do you think this kind of update should change version number only in "Patch" part? Would be great if VM tries to follow something like http://semver.org/

Milbo

Quote from: n3t on October 02, 2015, 23:31:07 PM
New ACL is not backward compatible at all. Update from 3.0.9 to 3.0.10 made non Super Users unable to manage the store (at least from backend).
In my case, I have Administrators group, that previosly had only right "Access Administration Interface" in VM. After upgrade (untill now) I noticed this two issues
- Administrators do not see any category, so cannot choose category in product edit page
- Administrators are not able to add any image to product.
Of course "that previosly had only right "Access Administration Interface" in VM." includes no other rights.

Quote from: n3t on October 02, 2015, 23:31:07 PM
The first issue I solved by allowing everything at newly added ACL page "Product categories". More over I had to allow "Manage vendors" on "Permissions" page.
Because your group is not a superadministrator group and so you have to add any right manually.

Quote from: n3t on October 02, 2015, 23:31:07 PM
Second issue is bit funny. As far as I remember, previously when you select file from your computer for uploading, "Image action" automatically switched to "Upload". Not in 3.0.10. Means, that users has to select file and make one more click on upload. If they don´t nothing happens, not even some message.
100 times discussed. It worked before with dragndrop, but not when you used the "search through" button. It is not so easy, as you may think. If it is that easy, provide better code instead blaming us.

Quote from: n3t on October 02, 2015, 23:31:07 PM
More over you have to allow ACL on page "Media". Again funny, when you upload new image (someone would say, that you create new media), you have to allow ACL "Edit", not "Create".
The right "create", gives the right to "create" a media "entry". The used image is a property of the media => completly correct that way.

Quote from: n3t on October 02, 2015, 23:31:07 PM
Do you think this kind of update should change version number only in "Patch" part? Would be great if VM tries to follow something like http://semver.org/
You had a wrong configuration, which worked due bugs we had in the versions before. So we fixed a bug by complementing an old feature. Check the forum, not a lot people had your problem
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/