golfads VIP
Total posts: 216
21 Нояб 2013 16:37

Hi,

It seems there is a bug/error with the ACL (Access Level) feature between Cobalt and Joomla ACL.

Based on the above screenshot, we have created a Joomla User Group including Viewing Access and named it as 'Investment', therefore, only users with this user group may be able to add new article to this type.

During our testing process, we created a test user and add the user to this user group, everything work fine, the test user can create article in this specific type as expected.

However, after we finished the initial testing process, we removed the test user from the 'Investment' user group and let this user only as 'Registered', which means that this test user should no more be able to add any new article in this specific type.

But, still, even if not in this user group anymore, the test user can still click on the 'Post Investment Classifieds here' in the Cobalt toolbar and get access to the submit form!

Surprised with this, we created a second test user and add this user only as registered, login into frontend and go to the investment page, and this new user does not has enough right to post new article and cannot click on the link 'Post Investment Classifieds here' as it is disabled and request either to register or login!

We believed that this was some kind of cache/cookie issue and we cleaned all Joomla cache and browser cache as well and re-login with the first test user account, even after deleting cache, the first user who is only registered can still access the submit page from the Cobalt toolbar.

We created a menu link item and assign this menu link item to the submit page of this specific type and assign this menu link to user group 'Investment', when the first user is logged in, he cannot see this menu link item but still can click on the submit link in the Cobalt toolbar!

Therefore, it seems that Joomla ACL is working fine but the issue is with the ACL connection between Cobalt and Joomla User Group.

We are using Payplans to manage subscriptions on our website and it is compulsory for us to be able to use the default Joomla ACL to be able to submit/update articles in Cobalt and the problem is that, if a user initially subscribe for a certain subscriptions, he will get access to submit/update articles, that is fine, but when his subscription is over, he might still be able to submit/update articles and this will cause us some problems to manage subscription on our website!

Can you please assist on this issue or even try to reproduce it at your end or is this issue only happening on our website environment as we are using Incapsula CDN for website speed etc.

Последние изменения: 02 Март 2014


Sergey
Total posts: 13,748
22 Нояб 2013 01:26

Could you please provide me with super admin access rights to your site. Also give me the name of the user that still has access. And give me direct link to the section where he should not be able to add new articles.

Use private comment for that.


golfads VIP
Total posts: 216
25 Нояб 2013 10:47

That is strange you are getting this error, the website is available! We have even been working on it all around the weekend till now.


golfads VIP
Total posts: 216
26 Нояб 2013 14:14

Hi Sergey,

Yes, you were right, ._. sorry for that, I have remove Tomy as global administrator in Cobalt settings and set the super admin as global administrator and this has solved the access issue, thanks again.

Работает на Cobalt