Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-58439

Admin pages login as guest and then throw Access denied error (should prompt for login) require_admin()

XMLWordPrintable

    • MOODLE_31_STABLE, MOODLE_32_STABLE, MOODLE_33_STABLE, MOODLE_37_STABLE
    • MOODLE_38_STABLE
    • MDL-58439-admin-no-guest
    • Hide
      1. Enable auto-login guest (Site administration > Users > Permissions > User policies - Auto-login guests).
      2. Now visit each of these admin pages. You should be prompted to login and not get an access issue:
        • admin/search.php
        • admin/plugins.php
        • admin/qbehaviours.php
        • admin/qtypes.php
        • admin/roles/manage.php
        • admin/roles/usersroles.php?userid=2&courseid=2 (This will redirect you to enrol in the course and not to login) You will also be logged in as a guest and will need to log in as a user and then log out to get back to the original logged out state)
        • admin/tasklogs.php
        • admin/timezone.php
        • admin/tool/monitor/managerules.php
        • admin/tool/oauth2/issuers.php
        • admin/tool/task/scheduledtasks.php
      Show
      Enable auto-login guest (Site administration > Users > Permissions > User policies - Auto-login guests). Now visit each of these admin pages. You should be prompted to login and not get an access issue: admin/search.php admin/plugins.php admin/qbehaviours.php admin/qtypes.php admin/roles/manage.php admin/roles/usersroles.php?userid=2&courseid=2 (This will redirect you to enrol in the course and not to login) You will also be logged in as a guest and will need to log in as a user and then log out to get back to the original logged out state) admin/tasklogs.php admin/timezone.php admin/tool/monitor/managerules.php admin/tool/oauth2/issuers.php admin/tool/task/scheduledtasks.php

      If you are not logged in and you deep link to almost any admin page, then instead of getting prompted to login, you instead get automatically logged in as a guest and then get an error. With debugging on it looks like this:

       
      Access denied

      More information about this error
      ×Debug info:
      Error code: accessdenied
      ×Stack trace: * line 496 of /lib/setuplib.php: moodle_exception thrown

      • line 7655 of /lib/adminlib.php: call to print_error()
      • line 12 of /admin/auth_config.php: call to admin_externalpage_setup()
         

      These should instead just send you directly to the login page as everyone would expect.

            brendanheywood Brendan Heywood
            brendanheywood Brendan Heywood
            Dmitrii Metelkin Dmitrii Metelkin
            Adrian Greeve Adrian Greeve
            Anna Carissa Sadia Anna Carissa Sadia
            Votes:
            1 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 hour, 45 minutes
                1h 45m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.