[#MDL-14183] Users can't update their profiles or passwords, thought in Authenticated user and Student roles these capabilities Allowed.

Issue Details (XML | Word | Printable)

Key:	MDL-14183
Type:	Bug
Status:	Closed
Resolution:	Fixed
Priority:	Blocker
Assignee:	Petr Skoda
Reporter:	Oleg Sychev
Votes:	0
Watchers:	1

Operations

Add/Edit UI Mockup to this issue

If you were logged in you would be able to see more operations.

Moodle

Users can't update their profiles or passwords, thought in Authenticated user and Student roles these capabilities Allowed.

Created: 04/Apr/08 06:56 PM Updated: 17/Dec/08 09:15 AM

Return to search

Component/s:

Authentication

Affects Version/s:

1.9

Fix Version/s:

1.9.1

Issue Links:

Relates

This issue has been marked as being related by:

~~MDL-13858~~ EVERYONE gets forums posts

MDL-14833 Improve detection of new settings

URL:	http://edu.vstu.ru
Participants:	Eloy Lafuente (stronk7), Martin Dougiamas, Oleg Sychev and Petr Skoda
Security Level:	None
QA Assignee:	Eloy Lafuente (stronk7)
Resolved date:	14/May/08
Affected Branches:	MOODLE_19_STABLE
Fixed Branches:	MOODLE_19_STABLE

Description

« Hide

Users can't update their profiles or passwords, thought in Authenticated user and Student rolesthese capabilities are Allowed (so users can't also restore forgotten passwords).

As far as I can see this bug was reported, but never reproduced, and it can be related to upgrading from 1.8. to 1.9. If you have trouble reproducing this bug, you may see it on an URL above using student's login: student and password std. If you need some admin information, please comment and I try to provide it.

All

Comments

Change History

Version Control

Sort Order:

Oleg Sychev made changes - 04/Apr/08 06:57 PM

Field	Original Value	New Value
Description	Users can't update their profiles or passwords, thought in Authenticated user and Student rolesthese capabilities are Allowed (so users can't also restore forgotten passwords). As far as I can see this bug was reported, but never reproduced, and it can be related to upgrading from 1.8. to 1.9. If you can trouble reproducing this bug, you may see it on an URL given below using student's login: student and password std. If you need some admin information, please comment and I try to provide it.	Users can't update their profiles or passwords, thought in Authenticated user and Student rolesthese capabilities are Allowed (so users can't also restore forgotten passwords). As far as I can see this bug was reported, but never reproduced, and it can be related to upgrading from 1.8. to 1.9. If you have trouble reproducing this bug, you may see it on an URL given below using student's login: student and password std. If you need some admin information, please comment and I try to provide it.
URL		http://edu.vstu.ru

Oleg Sychev made changes - 04/Apr/08 06:59 PM

Description

Users can't update their profiles or passwords, thought in Authenticated user and Student rolesthese capabilities are Allowed (so users can't also restore forgotten passwords).

As far as I can see this bug was reported, but never reproduced, and it can be related to upgrading from 1.8. to 1.9. If you have trouble reproducing this bug, you may see it on an URL given below using student's login: student and password std. If you need some admin information, please comment and I try to provide it.

[ Permalink | « Hide ]

Petr Skoda added a comment - 04/Apr/08 08:16 PM

Is the authenticated user role selected in $CFG->defaultuserroleid ?

[ Permalink | « Hide ]

Oleg Sychev added a comment - 15/Apr/08 09:14 PM

No. I set this, and problem resolved.
Probably system behavour silently chages during upgrade, which causing those problems.

[ Permalink | « Hide ]

Eloy Lafuente (stronk7) added a comment - 12/May/08 09:50 AM

Petr, we have had a bunch of reports about problems with this setting changing to "guest" and so.

If the solution is always to change it to authenticated user... what's the key about allowing it to be selected? Also... could we, as one step in upgrade... check for it (if empty or so) and set it to default? I guess a lot of people don't "save" the upgrade form on upgrade (I've had some reports about other missing settings like emoticons...) in recently upgraded to 1.9 sites.

Ciao

[ Permalink | « Hide ]

Martin Dougiamas added a comment - 12/May/08 02:31 PM

Yes, it seems many sites have ended up with $CFG->defaultuserroleid == guest after an upgrade which causes all kinds of serious problems.

Can you make sure it gets set to Authenticated User by default, Petr?

Martin Dougiamas made changes - 12/May/08 02:31 PM

Fix Version/s		1.9.1 [ 10240 ]
Priority	Minor [ 4 ]	Blocker [ 1 ]

[ Permalink | « Hide ]

Petr Skoda added a comment - 12/May/08 02:48 PM

hi,
the problem was in 1.7.x - I suppose that any site that went through that version is affected, the reason why it was not switched in 1.8 was that it sort of worked which is not the case in 1.9 anymore.

going to fix it somehow...

[ Permalink | « Hide ]

Oleg Sychev added a comment - 12/May/08 07:18 PM

Hello, Petr

You wrote "the problem was in 1.7.x - I suppose that any site that went through that version is affected"

I can say that our site was upgraded from 1.6.x straight to 1.8.1. and later to 1.9beta during Bugathon and so on, and it was affected.

Petr Skoda committed 3 files to 'Moodle CVS' on branch 'MOODLE_19_STABLE' - 12/May/08 10:03 PM

~~MDL-14183~~ guest type role not allowed in defaultuserroleid anymore, because it was causing trouble in many places; admins must choose another role if guest role detected in this setting

MODIFY	lib/db/upgrade.php	Rev. 1.154.2.32	(+16 -0 lines)
MODIFY	admin/settings/users.php	Rev. 1.26.2.6	(+11 -3 lines)
MODIFY	version.php	Rev. 1.563.2.99	(+1 -1 lines)

Petr Skoda committed 3 files to 'Moodle CVS' - 12/May/08 10:05 PM

~~MDL-14183~~ guest type role not allowed in defaultuserroleid anymore, because it was causing trouble in many places; admins must choose another role if guest role detected in this setting; merged from MOODLE_19_STABLE

MODIFY	lib/db/upgrade.php	Rev. 1.195	(+17 -1 lines)
MODIFY	version.php	Rev. 1.645	(+1 -1 lines)
MODIFY	admin/settings/users.php	Rev. 1.32	(+11 -3 lines)

[ Permalink | « Hide ]

Petr Skoda added a comment - 12/May/08 10:06 PM

patch committed into cvs,
thanks for the report

Petr Skoda made changes - 12/May/08 10:06 PM

Status	Open [ 1 ]	Resolved [ 5 ]
Resolution		Fixed [ 1 ]

[ Permalink | « Hide ]

Eloy Lafuente (stronk7) added a comment - 13/May/08 12:01 AM

Hi Petr,

was reviewing this and it seems that you are changing those "guest" roles to NULL (instead of "Authenticated role". Is that the expected behaviour? Shouldn't we default to the authenticated one?

That's the only point preventing me to close this, as the list now is properly skipping guest roles to be selected and everything else seems to be working ok.

Ciao

Eloy Lafuente (stronk7) made changes - 13/May/08 12:01 AM

QA Assignee

stronk7

[ Permalink | « Hide ]

Petr Skoda added a comment - 13/May/08 12:34 AM

the set_config('xxx', null) deletes the value, right?

/**

Set a key in global configuration
*
Set a key/value pair in both this session's {@link $CFG} global variable
and in the 'config' database table for future sessions.
*
Can also be used to update keys for plugin-scoped configs in config_plugin table.
In that case it doesn't affect $CFG.
*
A NULL value will delete the entry.
*
@param string $name the key to set
@param string $value the value to set (without magic quotes)
@param string $plugin (optional) the plugin scope
@uses $CFG
@return bool
*/
function set_config($name, $value, $plugin=NULL) {

[ Permalink | « Hide ]

Eloy Lafuente (stronk7) added a comment - 13/May/08 01:03 AM

yup, yup. That's not the question I wanted to do, hehe.

Some comments above Martin commented "Can you make sure it gets set to Authenticated User by default, Petr?", and that's not current behaviour. Just that.

Ciao

[ Permalink | « Hide ]

Martin Dougiamas added a comment - 13/May/08 11:52 PM

Yes, can we set it to "Authenticated User" by default? Most admins aren't going to read all the 100 new settings, they just accept defaults. And for this setting it almost always needs to be set to Authenticated User otherwise strange stuff happens.

Martin Dougiamas made changes - 13/May/08 11:52 PM

Status	Resolved [ 5 ]	Reopened [ 4 ]
Resolution	Fixed [ 1 ]

[ Permalink | « Hide ]

Petr Skoda added a comment - 14/May/08 12:02 AM

I does set it to authenticated user by default. Only if guest found there, it is unset and the admin is notified that he/she should chose some other role, but again the authenticated role is preselected in upgrade settings.

I do not think we should just switch that setting without informing admins, because even the guest role might have some overrides or customisations.

[ Permalink | « Hide ]

Eloy Lafuente (stronk7) added a comment - 14/May/08 12:25 AM

Well,

I think that Petr's approach is also valid if it's IMPOSSIBLE to bypass the settings page (i.e. if somebody tries to continue with installation... the new settings page is showed again until saved). And will show, in any case the default "authenticated user" in any case.

But... if it's possible to bypass the settings page, then we MUST set it in upgrade (instead of unsetting).

so, they key here is... does the new settings page in upgrade REQUIRE to be saved to continue upgrade?

Ciao

[ Permalink | « Hide ]

Petr Skoda added a comment - 14/May/08 12:38 AM

The missing settings get shown again if you go to admin/index.php

hmm, maybe I could add a new hack to test the new settings once for admin after login and redirect to upgradesettings if needed, this would also solve the problem with bumping of main version when settings are added in modules.