Release Notes

  • Fixed fatal error raised by gaps in the menu array
  • Fixed issue when only one menu item could be appended, replaced or removed instead of multiple items

  • Ok, got a question! The module seems fairly easy to customize.

    I was about to introduce a modification to the "DEFAULT_ROLE" in "roles/lib/config.php", more in particular these:

                    'pages' => array(
                        'groups/add/{$self_guid}' => array('rule' => 'deny'),
                        'file/all' => array('rule' => 'deny'),
                        'pages/all' => array('rule' => 'deny'),
                        'file/add/{$self_guid}' => array('rule' => 'deny'),
                        'pages/add/{$self_guid}' => array('rule' => 'deny')
                    ),

    What i am trying to achieve with those rules is to restrict the normal logged-in user to create any kind of file, page or even accessing the not-filtered view for all files and pages!

    And it doesn't seem to work

    Am I missing something here?

  • @Francesco Vanacore: To update the rule set, you need to be logged in as an administrator, and after editing the configuration array, you need to hit any page of your site. This updates the roles cache. After that, to test your roles, you need to log out and log in as a user having the specific role you're testing.

    You can also do this simultneously in two browsers, one using an admin user and one using a user having the role to be tested. Did you follow those steps? If yes, please elaborate on "And it doesn't seem to work"

  • @Andras: Thanks for the prompt response. I'm not sure how so many people got it to work successfully without tweaking anything because mine doesn't work if left as is. I did a very simple check -- clean elgg instal and dummy plugin to display count roles_get_roles. Without moving the code from start.php to activate.php, the result was 0. After tweaking, I got 3 as expected. Besides, in the original version, my default admin account was not set to ADMIN_ROLE as it was supposed to because I couldn't see the change role option in the user's setting page. It showed up after tweaking.

    Besides, regarding multiple roles for one user entity, I guess the only qualm is similar to the qualm concerning multiple inheritance, a.k.a overriding permission (correct me if I'm wrong). However, recently I came across a programming language named Scala and it solved that problem very nicely with Trait (concrete implementation attached to interfaces). I wonder if Roles could be extended in the direction. Roles with Traits? Just throw it out there because I'm new to Elgg and still not very fluent yet, although I'd love to give that idea a try after I'm done with my current project.

    Cheers,

  • @Lim "I'm not sure how so many people got it to work successfully without tweaking anything because mine doesn't work if left as is" - Exactly my thoughts. What Elgg version do you use?

    I've been away from the PHP/Elgg world for a while, that's why I need a bit more time to thoroughly assess this issue. On multiple roles via multiple inheritance - gee, that's a heavy issue. As I told Steve Clay earlier, just for the fun of it, I would not implement multiple roles for a single user. If there's a use-case that is not solvable with the current single-inheritance approach, than I'd be willing to consider it.

  • @Lim second thoughts - just one thing that's confusing me regarding this: "Besides, in the original version, my default admin account was not set to ADMIN_ROLE as it was supposed to because I couldn't see the change role option in the user's setting page."

    The default roles - admin, user, and visitor (i.e. non-authenticated user) - correspond to the default access system to Elgg. You should not, and will not, be able to select those on the user settings page. These are calculated attributes for any viewer of an Elgg site based on their current session. So, in essence, when not having defined any specific role, you should only see "No specific role" in the user setting page. If the user is and Elgg admin, he/she will have the credentials stated by the default Elgg access system, or by the overridden ADMIN_ROLE setup.

    I realize this might be confusing, but this was an intentional design decision, mostly for improving performance. If you have a million users on your Elgg site, and install the roles plugin, it will not create a million user <-> role relationships. Instead, it just lets take over Elgg default access mechanism. When you start creating/extending roles, user <-> role relationships will only be created for non-default (i.e. not regular user, not admin, not a non-logged-in visitor, but something else) users.

  • I use Elgg 1.8.8. Besides, sorry for the confusion and misunderstanding :) I read over the code, and I think I understood it correctly judging on your explanation above. I meant on plugin activation, the default Elgg admin account is associated with ADMIN_ROLE by Roles plugin (is that correct?) and as a result this admin could see a drop down box in normal Elgg user's setting page, even if this box contains only a "No specific role"  option.

    The problem is I saw no dropdown box (sorry for not clarifying this earlier) when leaving Roles plugin unchanged. It appeared after moving the code like I said and displayed "No specific role". After that, I was able to use a configuration array as documented and displayed more roles in this dropdown box.

    So to sum up, the problem was no dropdown box, not no role in the dropdown box by default :) Sorry for the confusion.

    Cheers,

  • the default Elgg admin account is associated with ADMIN_ROLE by Roles plugin (is that correct?)

    Sorry I meant the default Elgg admin account should be able to see the dropdown box initially, not associated with ADMIN_ROLE. Don't know what got into me to say that after you explained yourself. My apologies.

  • @Lim :) :) No worries, but I'm still a bit confused. Is Roles working now as expected, or do you still have an issue to be investigated?

  • It worked very well after I moved the hook register from start.php to activate.php. I guess I'm just trying to ask you why because no one else had to do that. And I tried to explain two symptoms: leaving the plugin as is, on activation, 1) the result from count(roles_get_role()) should be 3 on activation, but I got 0 instead. 2) as a default elgg admin user, I should be able to a dropdown box on other users' setting page with 1 option "No specific role", but I see no dropdown box.

    Cheers,

  • @Lim Ok that is very clear, will look into to it ASAP (probably Monday).

  • Can't see where I'm going wrong here, can anyone help?

      VISITOR_ROLE => array(
       'title' => 'roles:role:VISITOR_ROLE',
       'extends' => array(),
       'permissions' => array(
        'actions' => array(
        ),
        'menus' => array(
        ),
        'views' => array(
         'page/elements/topbar' => array(
          'rule' => 'extend',
          'view_extension' => array(
           'view' => 'core/account/login_dropdown',
           'priority' => 150
          )
         ),
        ),
        'hooks' => array(
        ),
       ),
      ),

    I'm running my roles config in a library off my theme plugin, I just can't get this to show up. I have logged in as admin and visited page etc, restarted plugin, but it's not showing up. Thanks for looking.

  • Hey Guys,

    I can confirm @lim's issue. The only ruleset that's working is the 'menus' array; it hides items as expected. I even merged @lims PR into my code base but it still doesnt work.

    'permissions' => array(
    'pages' => array(
    'file/all' => array('rule' => 'deny'))

    Yes, I refreshed any page as admin after changing the config array.

  • @lim @CoPro I do apologize for not attending this issue yet. Will try to do very soon. CoPro, you gave some valueable additional information on the bug, thanks.

  • I just tried a few more things and wanted to let you know the results. First of all I'm wondering why the version of the manual is 1.0.0 and 1.0.2 for the actual plugin in the git repo while it is vice versa in the file one may download on this page?

    As stated above the simple rule "file/all" didnt work for the VISITOR_ROLE. But it worked when declared for the default or admin role. At the same time a similar page rule 'members' => array('rule' => 'deny') doesnt work for any role. Not yet sure why.

    Best regards.

  • @lim So finally I got a bit of freetime to test the issue you reported. I installed a clean Elgg 1.8.8 on a debian squeeze server with MySQL database. Afterwards I downloaded Roles from this very page. Enabled the plugin, then went to the user settings page. The last section of the page contained a dropdown box called "Select Role" with only one item: "No specific role". This works as expected. Remember - ordinary users won't be able to change their role by default, you need to be an admin to do that.

    Then I had a look at the database. It has a new subtype called "role" having the class "ElggRole". The objects table contained 3 role objects, Visitor, Member and Administrator. This is again working as expected.

    In other words, I could not reproduce your issue. If you still experience this, please contact me via private message, and will try to figure out a way to debug your specific issue on your server.

  • @CoPro "First of all I'm wondering why the version of the manual is 1.0.0 and 1.0.2 for the actual plugin in the git repo while it is vice versa in the file one may download on this page?"

    This is an obvious screwup, thanks for pointing out. Will fix in 1.0.3, which version number will hopefully be consistent in both the manifest and the manual :)

    I can confirm that "the simple rule "file/all" didnt work for the VISITOR_ROLE". Looking into it. Thanks for the reports!

  • @CoPro, @Sparky rule processing for the VISITOR_ROLE had a bug, which is fixed now on github https://github.com/arckinteractive/Roles Also, there is an additional fix that enables handling menu related rules to any depth. Please have a look if this version solves your problems.

    @CoPro The 'members' => array('rule' => 'deny') rule was not working because Elgg appends a trailing slash to the "members" path, thus it becomes "members/". You can either use regular expressions to match all subpages of the members page (as explained in the manual), or use explicit rules like


    'members/' => array('rule' => 'deny'),

    'members/newest' => array('rule' => 'deny'),

    'members/popular' => array('rule' => 'deny'),

     
     etc. in your configuration. let me know if these fixes work for you - if yes, I'll upload the new version here.


  • What is this:

    Error Fatal

    Could not load the roles library from /home/dir/public_html/mysite/elgg-1.8.8/mod/roles/lib/roles.php

    InvalidParameterException Object
    (
    [message:protected] => Could not load the roles library from /home/dir/public_html/mysite/elgg-1.8.8/mod/roles/lib/roles.php
    [string:Exception:private] => exception 'InvalidParameterException' with message 'Could not load the roles library from /home/dir/public_html/mysite/elgg-1.8.8/mod/roles/lib/roles.php' in /home/dir/public_html/mysite/elgg-1.8.8/engine/lib/elgglib.php:114
    Stack trace:
    #0 /home/dir/public_html/mysite/elgg-1.8.8/mod/Roles/activate.php(12): elgg_load_library('roles')
    #1 /home/dir/public_html/mysite/elgg-1.8.8/engine/classes/ElggPlugin.php(825): include('/home/cltest/pu...')
    #2 /home/dir/public_html/mysite/elgg-1.8.8/engine/classes/ElggPlugin.php(717): ElggPlugin->includeFile('activate.php')
    #3 /home/dir/public_html/mysite/elgg-1.8.8/actions/admin/plugins/activate.php(29): ElggPlugin->activate()
    #4 /home/dir/public_html/mysite/elgg-1.8.8/engine/lib/actions.php(104): include('/home/dir/pu...')
    #5 /home/dir/public_html/mysite/elgg-1.8.8/engine/handlers/action_handler.php(20): action('admin/plugins/a...')
    #6 {main}
    [code:protected] => 0
    [file:protected] => /home/dir/public_html/mysite/elgg-1.8.8/engine/lib/elgglib.php
    [line:protected] => 114
    [trace:Exception:private] => Array
    (
    [0] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/mod/Roles/activate.php
    [line] => 12
    [function] => elgg_load_library
    [args] => Array
    (
    [0] => roles
    )

    )

    [1] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/engine/classes/ElggPlugin.php
    [line] => 825
    [args] => Array
    (
    [0] => /home/dir/public_html/mysite/elgg-1.8.8/mod/Roles/activate.php
    )

    [function] => include
    )

    [2] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/engine/classes/ElggPlugin.php
    [line] => 717
    [function] => includeFile
    [class] => ElggPlugin
    [type] => ->
    [args] => Array
    (
    [0] => activate.php
    )

    )

    [3] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/actions/admin/plugins/activate.php
    [line] => 29
    [function] => activate
    [class] => ElggPlugin
    [type] => ->
    [args] => Array
    (
    )

    )

    [4] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/engine/lib/actions.php
    [line] => 104
    [args] => Array
    (
    [0] => /home/dir/public_html/mysite/elgg-1.8.8/actions/admin/plugins/activate.php
    )

    [function] => include
    )

    [5] => Array
    (
    [file] => /home/dir/public_html/mysite/elgg-1.8.8/engine/handlers/action_handler.php
    [line] => 20
    [function] => action
    [args] => Array
    (
    [0] => admin/plugins/activate
    )

    )

    )

    [previous:Exception:private] => 
    )

  • @Andras I've just tried the new version and it works now. Grinned a bit when I read the commit log ;) Thanks for the bug fix. I'll checkout the other new (menu) feature soon. Ah and although I didnt mention it .. I tried regex for the "members" rule.

  • Line 457 of mod/roles/lib/roles.php

    $pageowner_guid = elgg_trigger_plugin_hook('page_owner', 'system', NULL, 0);

    In my environment, variable $pageowner_guid is always getting 0 as value, not allowing to perform rules that use roles user variables, and gapping my roles array configuration.

     

    Don't know if it is a problem of plugin priority or something I'm doing really wrong.

     

    Any help will be pareciated.



  • @Andras sorry for not following up. My elgg project is just too big for one person so I kinda forgot about this problem. I can confirm that this problem is server specific because I experienced it on XAMPP but it works fine as-is on my production server without the tweak. Tks for looking into it anyway.

  • Hi Guys,

       I need this plugin work in elgg1.7.8.  Any suggention please..

     

  • @kirubakaran k - Backporting this to 1.7.8 would basically involve rewriting it. I'd suggest upgrading to the latest version of 1.8. Also, 1.7.8 is _extremely_ outdated and has a number of major security flaws. You should upgrade immediately to the latest version of 1.7 if upgrading to 1.8 isn't an option.

  • @Brett - thanks brett. We are using the elgg more than 5 years, before 1.8 is easy to upgrade. It will take more than 2 to 3week to upgrade. Once again thanks brett.

     

Arck Interactive

You imagine. We create. We develop custom social networks, content management systems and other rich internet applications. We help entrepreneurs and creative agencies breathe life into their visions. Let's start a conversation!

Stats

  • Category: Uncategorized
  • License: GNU General Public License (GPL) version 2
  • Updated: 2017-5-27
  • Downloads: 8475
  • Recommendations: 45

Other Projects

View Arck Interactive's plugins