Re: New accounts created in 1.1.1 have no rights to create alerts, etc.

[Samuele Kaplun]

Dear Ferran,

In data lunedì 17 marzo 2014 11:59:44, Ferran Jorba ha scritto:
> when creating new test accounts in our systems, we have noticed that
> those accounts have no rights to create baskets, alerts, etc.  We have
> also noticed that older users that created alerts are not allowed to
> remove them, and they ask us help to delete them, as they are cannot.

in:

[...]
commit ef5d8364cda0d7907965e587586a1f163c487be0
Author: Samuele Kaplun <samuele.kap...@cern.ch>
Date:   Thu Feb 5 12:06:40 2009 +0100

    WebAccess now controls usage of many web modules.
    
    New actions have been added (e.g. usebaskets) to decide which
    users can use the baskets web interfaces.  By default any user
    can use anything.
[...]

new actions:
[...]
+               ('usebaskets', 'use baskets', '', 'no'),
+               ('useloans', 'use loans', '', 'no'),
+               ('usegroups', 'use groups', '', 'no'),
+               ('usealerts', 'use alerts', '', 'no'),
+               ('usemessages', 'use messages', '', 'no'),
+               ('viewholdings', 'view holdings', 'collection', 'yes'),
+               ('viewstatistics', 'view statistics', 'collection', 'yes')
[...]

and default roles:
[...]
+             ('anyuser', 'Any user', 'allow any'),
+             ('basketusers', 'Users who can use baskets', 'allow any'),
+             ('loanusers', 'Users who can use loans', 'allow any'),
+             ('groupusers', 'Users who can use groups', 'allow any'),
+             ('alertusers', 'Users who can use alerts', 'allow any'),
+             ('messageusers', 'Users who can use messages', 'allow any'),
+             ('holdingsusers', 'Users who can view holdings', 'allow any'),
+             ('statisticsusers', 'Users who can view statistics', 'allow 
any'))
[...]

have been introduced in order to be able to control, via webacess, the 
availability of user-oriented modules.

By default authorization should be granted to all the users, provided new 
actions and roles have been correctly loaded upon upgrade.

Have you run:

$ webaccessadmin -uadmin -a -c

> Another, maybe related, issue, is that even after validating the link
> sent via email after creating the account, this account gives some
> permission errors until the session is closed and opened again.

What exact permission error? However, it might go away with the above command, 
as the system is probably missing the new default actions that have been 
introduced in the above commit.

Cheers!
        Sam

-- 
Samuele Kaplun
Invenio Developer ** <http://invenio-software.org/>
INSPIRE Service Manager ** <http://inspirehep.net/>