Confirmed on clean install of 2.4. Testing on opensourcecms.org, it does not appear this bug carried into 3.0. Have not found this reported in the forums nor bug tracker.
Since upgrading to 2.4 (sorry, only have Fantastico), there is a bug introduced with the permission level assignment capability (level configuration at bottom of tiki-assignpermission.php page). If used once as expected / described, then any further "update" to permissions in that same group will Null out the whole "Level" column in the users_permission table.
Go to groups, admin a group, admin its permissions. Click "level configuration: show" way at the bottom. Do an assign of a level to that group and hit update. Once done, simply hit the normal "update" button in the "assign permissions" section. Does not matter if you change a permission or not. Now if you try to "level configuration: show" again, the level fields for every permission are nulled out and no levels appear in the "assign" list at the bottom of the page. Browsing the table in PHPMyAdmin confirms this behavior.
Note that you do not have to do a level assign a second time. Simply trying to change the inclusion of any individual permission (or making no changes but simply clicking the update button in assign permissions) will cause this to occur. Also, it does not matter whether "level configurations" are shown or hidden.
Have not tried to spelunk into the code base.
User level recovery is to extract the appropriate code from tiki.sql to recreate the table in phpmyadmin as it existed at install. Any local changes the user may have made to create new levels and new assignments of levels to permission are obviously lost.
Would like to know if patch is available until I can upgrade to 3.0. Seems I am in making permission changes often on 3 different installations I have setup and am still tuning and adding features to.
Show.tiki.org snapshot creation is in progress... Please monitor http:///snapshots/ for progress. Note that if you get a popup asking for a username/password, please just enter "show" and "show".
Password reset was successful
Password reset failed
Show.tiki.org instance destruction is in progress... Please wait...
The public/private keys configured to connect to show2.tikiwiki.org were not accepted. Please make sure you are using RSA keys. Thanks.
Unable to connect to show2.tikiwiki.org. Please let us know of the problem so that we can do something about it. Thanks.
Show.tiki.org is currently under maintenance. Sorry for the inconvenience.
Unable to get information from show2.tikiwiki.org. Please let us know of the problem so that we can do something about it. Thanks.
Show.tiki.org is in the progress of creating the new instance. Please continue waiting for a minute or two. If this continues on for more than 10 minutes, please let us know of the problem so that we can do something about it. Thanks.
To help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tikiwiki.org instance. To start, simply select a version and click on "Create show2.tikiwiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tikiwiki.org.
The URL for the show2.tikiwiki.org instance that demonstrates this bug is at: http://. Note that if you get a popup asking for a username/password, please just enter "show" and "show". This is different from the initial login and password for a new Tiki which is "admin" and "admin".
For the install log, see http:///info.txt
Note that if you see PHP errors or a Tiki claiming to be missing third party software, the instance creation is probably not finished. Please wait a couple minutes and reload.
Snapshots are database dumps of the configuration that developers can download for debugging. Once you have reproduced your bug on the show2.tikiwiki.org instance, create a snapshot that can then be downloaded by developers for further investigation.
Snapshots can be accessed at: http:///snapshots/. Note that if you get a popup asking for a username/password, please just enter "show" and "show".Create new snapshot
|No attachments for this item|