Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5

JULY 2021 - Forum Issues Resolved 🤞
#1
Bug 

G'day All,

I'm aware some will be having difficulties accessing other parts of the forum, I am working on a solution.
Reply
#2

(20-07-2021, 11:11 AM)kizza42 Wrote:  G'day All,

I'm aware some will be having difficulties accessing other parts of the forum, I am working on a solution.

Thanks matey,

Field obviously remains closed and we can all still communicate just fine, so no rush. We really appreciate what you do for us.

Regards,

j.
Reply
#3

Problem has been tracked down to a bug in the latest version of the Forum software. For those interested, the response below from a contributor nailed the issue... If you still think you don't have access to where you should, please let me know. Its also possible a future auto update will break this again. If this happens, please let me know asap as the fault itself is not visible to me unless I am specifically looking for it.

Laird Wrote:I experienced something similar on upgrading a board to 1.8.27, but came up with a working fix and put the issue (potential bug) aside, not knowing how to diagnose it.

Today, given that you have also experienced the problem I experienced, I dug in deep, and have (eventually) come up with a diagnosis.

In short, this is a regression from PR #4095: namely, the change it makes to the `fetch_forum_permissions()` function in the `inc/functions.php` file, which is to remove the initialisation `$level_permissions = $fpermcache[$fid][$gid];` on what was line 1474, replacing it with a later `else` block in the new lines 1486-1489.

This leaves `$level_permissions` uninitialised on each new iteration of the loop over `$groups`; `$level_permissions` instead retains the value it had at the end of the previous iteration. The above-mentioned change seems to assume that the `else` block will take care of initialising `$level_permissions`, but it is possible that the `if` conditional will instead be satisfied, and that `$level_permissions` will not be set within that `if` block. This will be the case when all of the forum's parent forums are set to "inherit" for the extra group, or when its list of parent forums is empty.

Drilling in deeper, the problem then is that before the change, the conditional under the comment `// If we STILL don't have forum permissions we use the usergroup itself` would test true, and the commented action would occur, with the default usergroup permissions being permissive, and allowing viewing. After the change, in contrast, given that there will in your (and my) scenario be at least one group prior to the extra group, `$level_permissions` will not be empty, and - because the prior group does not have permission to view the forum (only the extra group does) - the effective permissions returned will be such as to prohibit the group member from viewing the forum.

There seem to be two quick fixes for this issue:
  1. (Avoiding changes to the code): Customise the permissions for each relevant forum for each relevant "extra" usergroup: move, in the web UI, each of the "View", "Post Threads", "Post Replies", and "Post Polls" permissions for the relevant usergroups from the "Overview: Allowed Actions" column to the "Overview: Disallowed Actions", save them, and then move them all back to the "Overview: Allowed Actions" column and save them. This will break the inheritance, the permission indicator beside the groups' names will change from "(inherited)" to "(custom)", and the permissions should then work as expected.
  2. (Less work-intensive but requiring edits to core files): Insert at what is currently line 1697 of `inc/functions.php` the missing initialisation:
    PHP Code:
                $level_permissions $fpermcache[$fid][$gid]; 

I think, given this diagnosis, that this constitutes a bug and should be escalated to a GitHub issue, but whether the fix I've suggested is the one ultimately adopted is a matter for discussion. I find the MyBB permissions code to be quite confusing, and others more familiar with it might have better ideas.
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)