Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. WordPress (Developer)
  3. Logging in resets role to "Editor" instead of "Administrator" or "Shop Manager"

Logging in resets role to "Editor" instead of "Administrator" or "Shop Manager"

Scheduled Pinned Locked Moved Solved WordPress (Developer)
27 Posts 3 Posters 2.6k Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • d19dotcaD Offline
    d19dotcaD Offline
    d19dotca
    wrote on last edited by
    #16

    I just realized in my testing prior I had basically reproduced it in my WooCommerce sites since they have the most complaints of the issue due to the Shop Manager's logging in to find no WooCommerce panel. The other sites really only have me logging in (and on top of that I usually login via MainWP which apparently sidesteps this issue completely, not triggering something that the AuthLDAP plugin is using to reset the role to Editor).

    I'm going to try to update this plugin one by one on my customer's sites from least impacting first and see if I can reproduce this on any non-WooCommerce sites in case there's something about WooCommerce and the AuthLDAP plugin that don't work together now. 🤷

    --
    Dustin Dauncey
    www.d19.ca

    1 Reply Last reply
    1
    • d19dotcaD d19dotca

      @girish said in Logging in resets role to "Editor" instead of "Administrator" or "Shop Manager":

      wp --format=json option get authLDAPOptions

      Seems to be the same in both sites:

      Working:

      {
      	"Enabled": "1",
      	"CachePW": false,
      	"URI": "ldap:\/\/172.18.0.1:3002\/ou=users,dc=cloudron",
      	"Filter": "(username=%s)",
      	"NameAttr": "givenName",
      	"SecName": "sn",
      	"UidAttr": "username",
      	"MailAttr": "mail",
      	"WebAttr": "",
      	"Debug": false,
      	"DefaultRole": "editor",
      	"GroupEnable": false,
      	"GroupOverUser": false,
      	"Version": 1,
      	"URISeparator": "",
      	"StartTLS": false,
      	"Groups": {
      		"administrator": "",
      		"editor": "",
      		"author": "",
      		"contributor": "",
      		"subscriber": "",
      		"wpseo_manager": "",
      		"wpseo_editor": ""
      	},
      	"GroupSeparator": "",
      	"GroupBase": "",
      	"GroupAttr": "",
      	"GroupFilter": "",
      	"DoNotOverwriteNonLdapUsers": false
      }
      

      Non-working:

      {
      	"Enabled": "1",
      	"CachePW": false,
      	"URI": "ldap:\/\/172.18.0.1:3002\/ou=users,dc=cloudron",
      	"Filter": "(username=%s)",
      	"NameAttr": "givenName",
      	"SecName": "sn",
      	"UidAttr": "username",
      	"MailAttr": "mail",
      	"WebAttr": "",
      	"Debug": "1",
      	"DefaultRole": "editor",
      	"GroupEnable": false,
      	"GroupOverUser": false,
      	"Version": 1,
      	"URISeparator": "",
      	"StartTLS": false,
      	"Groups": {
      		"administrator": "",
      		"editor": "",
      		"author": "",
      		"contributor": "",
      		"subscriber": "",
      		"customer": "",
      		"shop_manager": ""
      	},
      	"GroupSeparator": "",
      	"GroupBase": "",
      	"GroupAttr": "",
      	"GroupFilter": "",
      	"DoNotOverwriteNonLdapUsers": false
      }
      

      The expected differences are just the group names as the one site is a WooCommerce site so it has customer and shop_manager roles, and I don't have the one SEO plugin so it's missing the wpseo_* roles. Other than debug, they're basically the same. 😕

      girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by girish
      #17

      @d19dotca actually, since you narrowed the behavior down to https://github.com/heiglandreas/authLdap/commit/a175571fb95f4e33128bd48d322438f78e440e7 , that bit of code depends on wp_capabilities . Maybe that's what is different in both the instances.

      I think SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities' . From a casual reading, it seems that if it's not an array, the behavior has changed.

      d19dotcaD 1 Reply Last reply
      2
      • girishG girish

        @d19dotca actually, since you narrowed the behavior down to https://github.com/heiglandreas/authLdap/commit/a175571fb95f4e33128bd48d322438f78e440e7 , that bit of code depends on wp_capabilities . Maybe that's what is different in both the instances.

        I think SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities' . From a casual reading, it seems that if it's not an array, the behavior has changed.

        d19dotcaD Offline
        d19dotcaD Offline
        d19dotca
        wrote on last edited by
        #18

        @girish said in Logging in resets role to "Editor" instead of "Administrator" or "Shop Manager":

        SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities'

        Good idea! To be honest though I'm just guessing that's the change responsible for the change in behaviour, I'm not 100% certain.

        Working site:

        mysql> SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities';
        +-----------------+---------------------------------+
        | meta_key        | meta_value                      |
        +-----------------+---------------------------------+
        | wp_capabilities | a:1:{s:13:"administrator";b:1;} |
        +-----------------+---------------------------------+
        1 row in set (0.00 sec)
        

        Non-working site:

        mysql> SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities';
        +-----------------+---------------------------------+
        | meta_key        | meta_value                      |
        +-----------------+---------------------------------+
        | wp_capabilities | a:1:{s:13:"administrator";b:1;} |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:12:"shop_manager";b:1;}  |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
        +-----------------+---------------------------------+
        9 rows in set (0.00 sec)
        

        Now the administrator role at top of both is my account, and the value seems identical in them.

        --
        Dustin Dauncey
        www.d19.ca

        girishG 1 Reply Last reply
        0
        • d19dotcaD d19dotca

          @girish said in Logging in resets role to "Editor" instead of "Administrator" or "Shop Manager":

          SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities'

          Good idea! To be honest though I'm just guessing that's the change responsible for the change in behaviour, I'm not 100% certain.

          Working site:

          mysql> SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities';
          +-----------------+---------------------------------+
          | meta_key        | meta_value                      |
          +-----------------+---------------------------------+
          | wp_capabilities | a:1:{s:13:"administrator";b:1;} |
          +-----------------+---------------------------------+
          1 row in set (0.00 sec)
          

          Non-working site:

          mysql> SELECT meta_key, meta_value FROM wp_usermeta WHERE meta_key = 'wp_capabilities';
          +-----------------+---------------------------------+
          | meta_key        | meta_value                      |
          +-----------------+---------------------------------+
          | wp_capabilities | a:1:{s:13:"administrator";b:1;} |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:12:"shop_manager";b:1;}  |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          | wp_capabilities | a:1:{s:8:"customer";b:1;}       |
          +-----------------+---------------------------------+
          9 rows in set (0.00 sec)
          

          Now the administrator role at top of both is my account, and the value seems identical in them.

          girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by girish
          #19

          @d19dotca I guess you can add user_id to the SELECT statement too.

          I am out of ideas otherwise 😞 Does woocommerce itself have some idea of login role or something?

          d19dotcaD 1 Reply Last reply
          0
          • girishG girish

            @d19dotca I guess you can add user_id to the SELECT statement too.

            I am out of ideas otherwise 😞 Does woocommerce itself have some idea of login role or something?

            d19dotcaD Offline
            d19dotcaD Offline
            d19dotca
            wrote on last edited by
            #20

            @girish Okay, I was able to manually update the plugin in about 12+ sites without issues, they were non-Woocommerce sites. On every WooCommerce site I manage (4 of them), I ran into the same issue as originally reported.

            So I guess the crux of the issue isn't necessarily the plugin all on it's own which may be why it works for some and not others... it's a combination of the plugin's code change plus something to do with WooCommerce, though I have no idea what that'd be exactly. There's other roles added in WooCommerce but that only touches newer users etc, not my original administrator account for example. Very strange.

            I guess I may need to just report this upstream.

            --
            Dustin Dauncey
            www.d19.ca

            1 Reply Last reply
            2
            • d19dotcaD Offline
              d19dotcaD Offline
              d19dotca
              wrote on last edited by
              #21

              @girish @fbartels @marcusquinn - I just filed an issue in GitHub for the AuthLDAP plugin here, please feel free to add your thoughts or subscribe to it if you'd like updates as well: https://github.com/heiglandreas/authLdap/issues/221

              --
              Dustin Dauncey
              www.d19.ca

              fbartelsF girishG 2 Replies Last reply
              3
              • d19dotcaD d19dotca

                @girish @fbartels @marcusquinn - I just filed an issue in GitHub for the AuthLDAP plugin here, please feel free to add your thoughts or subscribe to it if you'd like updates as well: https://github.com/heiglandreas/authLdap/issues/221

                fbartelsF Offline
                fbartelsF Offline
                fbartels
                App Dev
                wrote on last edited by
                #22

                @d19dotca thanks for opening the issue. I can confirm that i see this behaviour on my two WordPress installs (one prod one testing) which also has woocommerce installed. Since these websites are not really in production yet i have not tried to dig deeper into it (and everybody trying to login as admin also has cli access to easily upgrade their account again).

                In my test it felt like the role was changed a bit after the actual login. E.g. i notice i am not and admin, i change the role of the account, i try again the next day and am only an editor again.

                1 Reply Last reply
                1
                • d19dotcaD d19dotca

                  @girish @fbartels @marcusquinn - I just filed an issue in GitHub for the AuthLDAP plugin here, please feel free to add your thoughts or subscribe to it if you'd like updates as well: https://github.com/heiglandreas/authLdap/issues/221

                  girishG Offline
                  girishG Offline
                  girish
                  Staff
                  wrote on last edited by girish
                  #23

                  @d19dotca Looks like there is a fix upstream, can you guys try? I can update the package as needed.

                  fbartelsF 1 Reply Last reply
                  2
                  • girishG girish

                    @d19dotca Looks like there is a fix upstream, can you guys try? I can update the package as needed.

                    fbartelsF Offline
                    fbartelsF Offline
                    fbartels
                    App Dev
                    wrote on last edited by
                    #24

                    Hi @girish,

                    I can confirm that after updating the plugin the user role is no longer reset after logging in.

                    girishG 1 Reply Last reply
                    3
                    • fbartelsF fbartels

                      Hi @girish,

                      I can confirm that after updating the plugin the user role is no longer reset after logging in.

                      girishG Offline
                      girishG Offline
                      girish
                      Staff
                      wrote on last edited by
                      #25

                      @fbartels thanks! I will update the packages.

                      1 Reply Last reply
                      2
                      • girishG Offline
                        girishG Offline
                        girish
                        Staff
                        wrote on last edited by
                        #26

                        Both packages are now updated.

                        1 Reply Last reply
                        1
                        • d19dotcaD Offline
                          d19dotcaD Offline
                          d19dotca
                          wrote on last edited by
                          #27

                          I just tried it, works great. 🙂 Glad we got it sorted. Thanks for the help everyone.

                          --
                          Dustin Dauncey
                          www.d19.ca

                          1 Reply Last reply
                          1
                          • nebulonN nebulon marked this topic as a question on
                          • nebulonN nebulon has marked this topic as solved on
                          Reply
                          • Reply as topic
                          Log in to reply
                          • Oldest to Newest
                          • Newest to Oldest
                          • Most Votes


                          • Login

                          • Don't have an account? Register

                          • Login or register to search.
                          • First post
                            Last post
                          0
                          • Categories
                          • Recent
                          • Tags
                          • Popular
                          • Bookmarks
                          • Search