- Posts: 23
- Thank you received: 2
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Upgraded from 2.05 to 2.57 caused permission issue
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
7 years 3 months ago #145829
by katcher01
Upgraded from 2.05 to 2.57 caused permission issue was created by katcher01
Hello, following an upgrade from 2.0.5 to 2.57+ I noticed existing users were now able to see all other users surveys. Is this supposed to happen? If so, is their a simple sql which we can run to update the permissions. I understand that the users must only have Create if we want the users to own /edit surveys they created.
MSSql, Windows apache 2.4 php 5.6.28
Thanks
Eric
MSSql, Windows apache 2.4 php 5.6.28
Thanks
Eric
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13907
- Thank you received: 2546
7 years 3 months ago #145844
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic Upgraded from 2.05 to 2.57 caused permission issue
Hi :
manual.limesurvey.org/Manage_users#Setti...rmissions_for_a_user
You surely have "Edit survey" checked for your users : then edit all survey (a user can always edit HIS survey).
You surely have "Edit survey" checked for your users : then edit all survey (a user can always edit HIS survey).
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 3 months ago #145881
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Hi, Denis, the issue is how can I remove the appropriate permissions from the 500+ users who are already upgraded with incorrect permissions. Do I have to do each user individually and set only Create? Is there some sql I can run directly on DB to fix?
Any suggestions would be appreciated.
Eric
Any suggestions would be appreciated.
Eric
The topic has been locked.
- markusfluer
- Visitor
7 years 3 months ago #145917
by markusfluer
Replied by markusfluer on topic Upgraded from 2.05 to 2.57 caused permission issue
Hello Katcher, what permission should you users have, create survey and update survey?
Or also import and export?
I can provide you with an sql.
Or also import and export?
I can provide you with an sql.
The topic has been locked.
- LouisGac
- Visitor
7 years 3 months ago - 7 years 3 months ago #145929
by LouisGac
Replied by LouisGac on topic Upgraded from 2.05 to 2.57 caused permission issue
Also, a start build number would have been useful to help you.
We have many people who updated from 2.05 version to 2.50 without any problem. But, not so many people use MSSQL (and they're right). So maybe it's MSSQL bug in the DB upgrade process.
Knowing that 2.05 versions start with a db_version of 168, to find what went wrong, all the updates of permissions for db version superior to 168 should be checked.
You're lucky: I just did that work, and there is only one update of the permission table since 2.05, for db version 172:
github.com/LimeSurvey/LimeSurvey/blob/ma...lper.php#L1180-L1199
This piece of code probably went wrong on your server for some reason (MSSQL version?)
So just relaunch it, and you should be fine.
We have many people who updated from 2.05 version to 2.50 without any problem. But, not so many people use MSSQL (and they're right). So maybe it's MSSQL bug in the DB upgrade process.
Knowing that 2.05 versions start with a db_version of 168, to find what went wrong, all the updates of permissions for db version superior to 168 should be checked.
You're lucky: I just did that work, and there is only one update of the permission table since 2.05, for db version 172:
github.com/LimeSurvey/LimeSurvey/blob/ma...lper.php#L1180-L1199
Code:
case 'mssql': try{ setTransactionBookmark(); $oDB->createCommand()->dropIndex('permissions_idx2','{{permissions}}');} catch(Exception $e) { rollBackToTransactionBookmark(); }; try{ setTransactionBookmark(); $oDB->createCommand()->dropIndex('idxPermissions','{{permissions}}');} catch(Exception $e) { rollBackToTransactionBookmark(); }; alterColumn('{{permissions}}', 'entity_id', "INTEGER", false); $oDB->createCommand()->createIndex('permissions_idx2','{{permissions}}','entity_id,entity,permission,uid',true); break;
This piece of code probably went wrong on your server for some reason (MSSQL version?)
So just relaunch it, and you should be fine.
Last edit: 7 years 3 months ago by LouisGac.
The topic has been locked.
- LouisGac
- Visitor
7 years 3 months ago - 7 years 3 months ago #145930
by LouisGac
Replied by LouisGac on topic Upgraded from 2.05 to 2.57 caused permission issue
Also, if you have more than 500 users, and so if you are a professional user of LimeSurvey, I highly recommend you to use the comfortUpdate or to use one of our professional hosting solution to avoid those kind of problems in the future:
www.limesurvey.org/services
LimeSurvey professional hosting users benefit of our direct support.
If for any reason you would have faced such a problem on our hosting solution, it would have been resolved in few hours max.
www.limesurvey.org/services
LimeSurvey professional hosting users benefit of our direct support.
If for any reason you would have faced such a problem on our hosting solution, it would have been resolved in few hours max.
Last edit: 7 years 3 months ago by LouisGac.
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 3 months ago #145962
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Thanks for the reply,
First off:
Version 2.05+ Build 140116
DB Version 174
First off:
Version 2.05+ Build 140116
DB Version 174
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 3 months ago #145964
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Hello Markus,
Our old users were autocreated and had permission to create their own surveys. We do not want users to be able to see any other surveys other than their own. One Caveat, we may be creating some surveys which can have multiple survey admins. We are however going to handle those manually as one offs. The users on the other hand exist or will be autocreated with create perms only. This appears to be working with our basic custom reverse authentication (token check) plugin.
Our old users were autocreated and had permission to create their own surveys. We do not want users to be able to see any other surveys other than their own. One Caveat, we may be creating some surveys which can have multiple survey admins. We are however going to handle those manually as one offs. The users on the other hand exist or will be autocreated with create perms only. This appears to be working with our basic custom reverse authentication (token check) plugin.
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 2 months ago #146176
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Any News on this?
Thanks
Eric
Thanks
Eric
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 2 months ago - 7 years 2 months ago #146216
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Hello, I am a little confused about the permissions. On my production lime survey application (2.0.5) the lime_permissions seem to be set as
create_p = 1, read_p = 1, update_ =1, delete_p =1 yet each user can see only their own surveys. On 2.57, if these permissions are maintained, the survey admins can see/edit all surveys. Is this the desired outcome of the upgrade? Was the permission structure changed to provide global access to all surveys? I thought that if you set the create_p flag to 1 and the remaining to 0 a user would only be able to see and interact with their own surveys. Is that correct? If so, the upgrade worked but the feature changed and if I want the original setup i.e. survey admins can only see/edit etc their own surveys I have to change the upgraded perms to the following:
update dbo.lime_permissions set read_p = 0, update_p = 0, delete_p = 0 WHERE id in (select id from dbo.lime_permissions where read_p = 1 and update_p = 1 and delete_p = 1 and permission = 'surveys');
Is that correct?
Eric
create_p = 1, read_p = 1, update_ =1, delete_p =1 yet each user can see only their own surveys. On 2.57, if these permissions are maintained, the survey admins can see/edit all surveys. Is this the desired outcome of the upgrade? Was the permission structure changed to provide global access to all surveys? I thought that if you set the create_p flag to 1 and the remaining to 0 a user would only be able to see and interact with their own surveys. Is that correct? If so, the upgrade worked but the feature changed and if I want the original setup i.e. survey admins can only see/edit etc their own surveys I have to change the upgraded perms to the following:
update dbo.lime_permissions set read_p = 0, update_p = 0, delete_p = 0 WHERE id in (select id from dbo.lime_permissions where read_p = 1 and update_p = 1 and delete_p = 1 and permission = 'surveys');
Is that correct?
Eric
Last edit: 7 years 2 months ago by katcher01. Reason: More details
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13907
- Thank you received: 2546
7 years 2 months ago - 7 years 2 months ago #146218
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic Upgraded from 2.05 to 2.57 caused permission issue
In 2.05 : read/surveys permission or update/surveys permission is not used .
The owner of a survey have all rights on his survey then don't need an extra settings.
The manual in 2.05 show "read/surveys permission" : allow user to see all surveys
There is a bug in 2.05 but , dev most use LS as superadmin then don't see the bug for a long time. This is fixed in 2.6 if i remind, not in 2.5X
The Update SQL seems OK
The owner of a survey have all rights on his survey then don't need an extra settings.
The manual in 2.05 show "read/surveys permission" : allow user to see all surveys
There is a bug in 2.05 but , dev most use LS as superadmin then don't see the bug for a long time. This is fixed in 2.6 if i remind, not in 2.5X
The Update SQL seems OK
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Last edit: 7 years 2 months ago by DenisChenu. Reason: The Update instructions seems OK :)
The topic has been locked.
- katcher01
- Topic Author
- Offline
- Junior Member
Less
More
- Posts: 23
- Thank you received: 2
7 years 2 months ago #146219
by katcher01
Replied by katcher01 on topic Upgraded from 2.05 to 2.57 caused permission issue
Thanks, when I run the upgrade on our productio site I will remember to run the sql to fix the permissions.
Best wishes for the new year!
Eric
Best wishes for the new year!
Eric
The topic has been locked.