OJS Journal is having an issue with uploading documents

Description of issue or problem I’m having:

We have an issue with the article where the journal manager, the copyeditor on the article, and the article’s author are all unable to upload documents within the Copyediting stage within the “Copyediting Discussions” section there.

Steps I took leading up to the issue:

They will select the “Add discussion” button, select “upload file” under the “attached files” section which will open a pop-up for “Upload a Discussion File.” They are able to upload and attach a file, but once they click on “Continue” to enter the “2. Review Details” tab, they get the message that “the current role does not have access to this operation.” After looking at the role settings of the journal under “Users & Roles,” all should have permissions to upload files into the discussions copyediting page.

Or

1. Log in OJS as the specified user and type in url (I can provide you access to our Dev environment)

https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146

image2335×1383 214 KB

2. Click on Add discussion top right button

image1088×756 27.1 KB

3. Then click on Upload File bottom right button

image1573×1226 53.2 KB

4. Select Article Text for example under Article Component and click on Upload File bottom right button

image1574×780 33.8 KB

5. Then click on Continue button, you should get this error message

image3833×2082 236 KB

What I tried to resolve the issue:

I’ve taken a look at the PKP forum and GitHub, tried to apply suggestions but all failed.

[ 3.1.4 version]

[ linked solution on Github]

https://github.com/pkp/pkplib/commit/9e35b17fd7c7c721ef5de4cf3d57f52b4980288a.

[3.1.1-1 version]

[OJS] The current role does not have access to this operation -message needs more details on how to acquire the needed role · Issue #2297 · pkp/pkp-lib · GitHub.

[3.3.0-8 version] - a similar issue that has exact same version as ours but without resolution

Application Version - e.g., OJS:

[3.3.0-8 version]

Additional information, such as screenshots and error log messages if applicable:

error messages found and attached are screenshots, there is no errors in log files.

image3833×2082 208 KB

Thank you so much for any help. I will try any suggestions.

I can provide you access to our development environment.

Best,

Dung.

Hi @dung,

Are there any associated entries in PHP log?

Good Morning @Vitaliy ,

1. The only log that got written at the time I was performing this operation is access log as you can see here on log timestamps at (9:12 AM today)

2. The log snippet that is taken during this operation is:

text version:

“tail -f 000_journalhosting_ucalgary_ca_access.log
136.159.72.250 - - [22/Jun/2022:09:09:33 -0600] “GET /lib/pkp/lib/vendor/tinymce/tinymce/skins/lightgray /skin.min.css.map HTTP/1.1” 404 265 “-” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K HTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:09:09:35 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:09:36 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:09:40 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:09:41 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:09:45 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:09:46 -0600] “GET /” 302 - “-” “-”
136.159.72.250 - - [22/Jun/2022:09:09:48 -0600] “GET /index.php/cmej/citationstylelanguage/get/chicago-a uthor-date?publicationId=7821&submissionId=43038 HTTP/1.1” 200 308 “-” “Mozilla/5.0 (compatible; Semrush Bot/7~bl; +http://www.semrush.com/bot.html)”
10.17.186.5 - - [22/Jun/2022:09:09:50 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:09:51 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:09:55 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:09:56 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:00 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:01 -0600] “GET /” 302 - “-” “-”
136.159.72.251 - - [22/Jun/2022:09:10:03 -0600] “GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file -upload-wizard/start-wizard?fileStage=18&reviewRoundId=&assocType=520&assocId=73479&queryId=56887&submis sionId=74146&stageId=4&uploaderRoles=16-17-4097-4096-65536&=1655910270751 HTTP/1.1" 200 1870 “https://d ev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.251 - - [22/Jun/2022:09:10:03 -0600] "GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file -upload-wizard/display-file-upload-form?submissionId=74146&stageId=4&uploaderRoles=16-17-4097-4096-65536 &fileStage=18&revisionOnly=&reviewRoundId=&revisedFileId=&assocType=520&assocId=73479&dependentFilesOnly =&queryId=56887&=1655910270752 HTTP/1.1” 200 4405 “https://dev.journalhosting.ucalgary.ca/index.php/cje ap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTM L, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.251 - - [22/Jun/2022:09:10:03 -0600] “POST /index.php/cjeap/notification/fetchNotification HT TP/1.1” 200 58 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safa ri/537.36”
10.17.186.5 - - [22/Jun/2022:09:10:05 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:06 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:10 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:11 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:15 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:16 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:20 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:21 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:25 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:26 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:09:10:30 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:09:10:31 -0600] “GET /” 302 - “-” “-”
136.159.72.253 - - [22/Jun/2022:09:10:34 -0600] “POST /index.php/cjeap/$$$call$$$/wizard/file-upload/fil e-upload-wizard/upload-file?submissionId=74146&stageId=4&fileStage=18&reviewRoundId=&assocType=520&assoc Id=73479&queryId=56887 HTTP/1.1” 200 134 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorD ashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Ge cko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:09:10:35 -0600] “GET /” 302 - “-” “-”
136.159.72.253 - - [22/Jun/2022:09:10:36 -0600] “GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file -upload-wizard/edit-metadata?submissionId=74146&stageId=4&reviewRoundId=&fileStage=18&assocType=520&asso cId=73479&queryId=56887&submissionFileId=229734&_=1655910270753 HTTP/1.1” 200 115 “https://dev.journalho sting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64 ; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.6 - - [22/Jun/2022:09:10:36 -0600] “GET /” 302 - “-” “-””

3. The front end interface error again looks like this:

4. Surprisingly when I gave permission of “Reviewer” to this user, it works without access block to the operation. Though, the user told me that it should work without “Reviewer” permission, take a look below for the permissions she has already had.

• Is there anything I can show to you?

Thank you for your time!

Dung.

Yes, that looks like an apache/web server access log but PHP error log can show more details about the cause. E.g., on Ubuntu, the default location: https://askubuntu.com/questions/14763/where-are-the-apache-and-php-log-files

(the level of error reporting can be configured in php.ini)

Hello @Vitaliy ,

I have set the following directives in php.ini but the log is still the same. However I will try to set the config params in OJS application to debug to see if I can get more out of it.

error_reporting = E_ALL | E_STRICT (as recommended for development in php.ini)

Same access log and nothing in error log.

10.17.186.6 - - [22/Jun/2022:11:14:46 -0600] “GET /” 302 - “-” “-”
136.159.72.252 - - [22/Jun/2022:11:14:48 -0600] “GET /index.php/cjeap/$$$call$$$/grid/queries/queries-grid/add-query?submissionId=74146&stageId=4&=1655918078385 HTTP/1.1" 200 4516 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.252 - - [22/Jun/2022:11:14:48 -0600] “POST /index.php/cjeap/notification/fetchNotification HTTP/1.1” 200 58 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.252 - - [22/Jun/2022:11:14:48 -0600] "GET /index.php/cjeap/$$$call$$$/grid/files/query/query-note-files-grid/fetch-grid?queryId=56889&noteId=73481&submissionId=74146&stageId=4&=1655918078386 HTTP/1.1” 200 7653 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:11:14:50 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:14:51 -0600] “GET /” 302 - “-” “-”
136.159.72.252 - - [22/Jun/2022:11:14:53 -0600] “GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/start-wizard?fileStage=18&reviewRoundId=&assocType=520&assocId=73481&queryId=56889&submissionId=74146&stageId=4&uploaderRoles=16-17-4097-4096-65536&=1655918078387 HTTP/1.1" 200 1870 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.252 - - [22/Jun/2022:11:14:53 -0600] "GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/display-file-upload-form?submissionId=74146&stageId=4&uploaderRoles=16-17-4097-4096-65536&fileStage=18&revisionOnly=&reviewRoundId=&revisedFileId=&assocType=520&assocId=73481&dependentFilesOnly=&queryId=56889&=1655918078388 HTTP/1.1” 200 3906 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.252 - - [22/Jun/2022:11:14:54 -0600] “POST /index.php/cjeap/notification/fetchNotification HTTP/1.1” 200 58 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:11:14:55 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:14:56 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:11:15:00 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:15:01 -0600] “GET /” 302 - “-” “-”
136.159.72.252 - - [22/Jun/2022:11:15:03 -0600] “POST /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/upload-file?submissionId=74146&stageId=4&fileStage=18&reviewRoundId=&assocType=520&assocId=73481&queryId=56889 HTTP/1.1” 200 144 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
136.159.72.250 - - [22/Jun/2022:11:15:04 -0600] “GET /index.php/cjeap/login?source=%2Findex.php%2Fcjeap%2Farticle%2Fview%2F42818 HTTP/1.1” 200 10424 “-” “Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)”
136.159.72.252 - - [22/Jun/2022:11:15:04 -0600] “GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/edit-metadata?submissionId=74146&stageId=4&reviewRoundId=&fileStage=18&assocType=520&assocId=73481&queryId=56889&submissionFileId=229736&_=1655918078389 HTTP/1.1” 200 115 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:11:15:05 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:15:06 -0600] “GET /” 302 - “-” “-”
136.159.72.253 - - [22/Jun/2022:11:15:08 -0600] “GET /index.php/cmej/article/view/68172/version/23616 HTTP/1.1” 200 27858 “-” “Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)”
10.17.186.5 - - [22/Jun/2022:11:15:10 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:15:11 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:11:15:15 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:15:16 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:11:15:20 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:15:21 -0600] “GET /” 302 - “-” “-”
136.159.72.250 - - [22/Jun/2022:11:15:22 -0600] “GET /index.php/cmej/citationstylelanguage/get/turabian-fullnote-bibliography?submissionId=70650&publicationId=25772 HTTP/1.1” 200 355 “-” “Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)”

Will post again.

Dung.

Hi @Vitaliy

In OJS config.inc.php file, I set

; Enable database debug output (very verbose!)
debug = On

1. And I got these info in error log file, they are not so helpful, they are not errors.

[Wed Jun 22 11:31:24.965924 2022] [php7:notice] [pid 43572] [client 136.159.72.251:64381] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[172880,“10.70.134.1”,“Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/102.0.0.0 Safari\/537.36”,1655823661,1655919084,1,“csrf|a:2:{s:9:\“timestamp\”;i:1655919059;s:5:\“token\”;s:32:\“63fafc198f4424b6e07d5c124a15a8d1\”;}userId|i:172880;username|s:13:\“jenniferkovar\”;signedInAs|i:1;”,“dev.journalhosting.ucalgary.ca”,“aot8c4qtiv2kakdl7jui09uj6o”], referer: https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146
[Wed Jun 22 11:31:25.752069 2022] [php7:notice] [pid 43592] [client 10.17.186.5:49808] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.5”,"",1655919085,1655919085,0,"",“136.159.72.149”,“362jn0pkcrv1rjqfkjpfmkva9o”]
[Wed Jun 22 11:31:27.049462 2022] [php7:notice] [pid 43571] [client 10.17.186.6:52210] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.6”,"",1655919086,1655919086,0,"",“136.159.72.149”,“d4rtmtk0o1sk40vh7v3l4u9ker”]
[Wed Jun 22 11:31:30.757598 2022] [php7:notice] [pid 43570] [client 10.17.186.5:50902] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.5”,"",1655919090,1655919090,0,"",“136.159.72.149”,“m8uppdi53lajv0b80n86i4rrb7”]
[Wed Jun 22 11:31:32.037437 2022] [php7:notice] [pid 43569] [client 10.17.186.6:53304] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.6”,"",1655919091,1655919091,0,"",“136.159.72.149”,“5ducaeu3jpi5sjtcbveskbsjps”]
[Wed Jun 22 11:31:35.783082 2022] [php7:notice] [pid 43758] [client 10.17.186.5:52054] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.5”,"",1655919095,1655919095,0,"",“136.159.72.149”,“s8rh03tl4a9flut7ok9e28bvqa”]
[Wed Jun 22 11:31:37.050578 2022] [php7:notice] [pid 43573] [client 10.17.186.6:54400] Database query\nUPDATE sessions\n\t\t\t\tSET\n\t\t\t\t\tuser_id = ?,\n\t\t\t\t\tip_address = ?,\n\t\t\t\t\tuser_agent = ?,\n\t\t\t\t\tcreated = ?,\n\t\t\t\t\tlast_used = ?,\n\t\t\t\t\tremember = ?,\n\t\t\t\t\tdata = ?,\n\t\t\t\t\tdomain = ?\n\t\t\t\tWHERE session_id = ?\n[null,“10.17.186.6”,"",1655919096,1655919096,0,"",“136.159.72.149”,“ljdifhus8o3phm2b170r0ovkjr”]

2. And the access log says what it does but no error because it is in fact not error but role permission issues within the application - I think.

Text version:

10.17.186.5 - - [22/Jun/2022:11:37:10 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:37:11 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:11:37:15 -0600] “GET /” 302 - “-” “-”
136.159.72.250 - - [22/Jun/2022:11:37:15 -0600] “POST /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/upload-file?submissionId=74146&stageId=4&fileStage=18&reviewRoundId=&assocType=520&assocId=73483&queryId=56891 HTTP/1.1” 200 144 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.6 - - [22/Jun/2022:11:37:16 -0600] “GET /” 302 - “-” “-”
136.159.72.250 - - [22/Jun/2022:11:37:17 -0600] “GET /index.php/cjeap/$$$call$$$/wizard/file-upload/file-upload-wizard/edit-metadata?submissionId=74146&stageId=4&reviewRoundId=&fileStage=18&assocType=520&assocId=73483&queryId=56891&submissionFileId=229738&_=1655919417851 HTTP/1.1” 200 115 “https://dev.journalhosting.ucalgary.ca/index.php/cjeap/authorDashboard/submission/74146” “Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36”
10.17.186.5 - - [22/Jun/2022:11:37:20 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:37:21 -0600] “GET /” 302 - “-” “-”
10.17.186.5 - - [22/Jun/2022:11:37:25 -0600] “GET /” 302 - “-” “-”
10.17.186.6 - - [22/Jun/2022:11:37:26 -0600] “GET /” 302 - “-” “-”

Thanks!

Dung.

In the third step, under participants, you checked a user that has only the site admin role, right? According to the screenshot the user isn’t assigned to the submission. I see that there is an issue on Github regarding permissions for site admins: Ensure Site Administrators have "global" access within journals · Issue #7392 · pkp/pkp-lib · GitHub. Is it your case?

Hello @Vitaliy ,

I do not think I can understand Ensure Site Administrators have "global" access within journals · Issue #7392 · pkp/pkp-lib · GitHub correctly (sorry about my lack of understanding the software), however can you see any suggested patch/solution to point me to? I can certainly try it on my development server. Or is this required an upgrade to later version than my current version 3.3.0.8?

Thank you for your time.

Dung.

The fix isn’t released yet. For your particular case, you’d need to make changes in controllers/api/file/ManageFileApiHandler.inc.php file. This line here: ojs/ManageFileApiHandler.inc.php at stable-3_3_0 · pkp/ojs · GitHub

array(ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR),

Should be changed to

array(ROLE_ID_MANAGER, ROLE_ID_SITE_ADMIN, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT, ROLE_ID_REVIEWER, ROLE_ID_AUTHOR),

(just added ROLE_ID_SITE_ADMIN to the array)

But the issue itself is bigger than that, it affects other operations with submissions, not only with documents uploading. The fix is going to be applied to OJS 3.4 release.

@Vitaliy

Oh it slowly comes to me, I just want to share with you what my users wrote to me and it is in line with what you are telling me (It is unfortunate for me that I do not use the software, so I do not understand what permissions applied to whom, and its workflow. I am their support tech. Will try to learn the workflow when there is a chance. Or do you @Vitaliy have a workflow chart or user doc to share with me? Thank you so much!):

Hi Dung,

Thanks for your work on this. It looks like with that added Reviewer role that Kovar can, but based on her “journal manager” and “production editor” roles this shouldn’t be needed as she should automatically have permissions to do this. I also looked at whether Kovar could download files within the discussion section as well since there was another ticket (Incident #41700) I submitted yesterday that was having downloadable access issues within the “Review” tab’s discussions section, and when I was logged in as Kovar I was blocked from accessing the uploaded documents within the copyediting discussion section with the same “the current role does not have access to this operation” messaging. Also, for the author of the article Janice Aurini, they should be able to upload and download files from within the copyediting discussion section, but they can’t be assigned as a reviewer so that same user role adjustment can’t be applied.

Julia is working on a very similar issue with the TLI journal, which she’ll be submitted a ticket for. So I’m thinking this might be a broader issue affecting other journals as well. Let me know if you need more information or if you’d like me to test anything.

Thanks,

Sarah

Morning Dung,

Hopefully I can help! For the article 74146 in CJEAP, Jennifer is the assigned the roles of journal manager, production editor, layout editor, author, and with your addition reviewer. In the past as journal manager she has had access to all areas within the submission workflow for all articles as the site admin whether she has been assigned to the article or not, but in the case of this article she does not have the access she usually does. So it could be related to the site administrators access issue mentioned by Vitaliy. But the author Janice Aurini who is assigned to the article as author is also having this same access issue, so I’m not sure if this issue would solely be related to the site admin access issue mentioned. I’ve added some screenshots for CJEAP for the user role settings of the journal and of the article’s workflow page which shows the users assigned. If you’d like me to look into those other individual’s assigned roles let me know.

I also took some screenshots for the access issue of this ticket that CMEJ is experiencing as well in case they would help. Heather Hickey as the journal manager seems to be able to access the articles 74949 and 74348, but Ann and Christina are having access issues to these articles, despite being assigned to them.

Let me know if you need any other information on this.

Thanks!

Sarah.

@Vitaliy We are hosting multi journal instance.

Hello @Vitaliy ,

I made the code change, but still got the same access deny. Can you tell me what role should I add for this user to pass this check. This screen shot show the role she currently has. I understand we allowed additional role - ROLE_ID_SITE_ADMIN but not sure what its equal within application interface.

Thank you so much!

Dung.

Also @Vitaliy Our impression is that you think we are hosting Single OJS instance, however we are hosting Multi OJS instance environment.

We do not want to give this user a Site admin role (she will have access to the rest of other journals on the same application/instance), so we only want to give her a Journal manager role to one specific OJS journal and expect that she can still upload file within this journal and without access deny. Is this possible?

Thank you,

Dung.

So, it is not the issue with access for site admins, right? To double-check, in the third screenshot of the first post, the person included in the discussion is unassigned to the submission, what role(s) within the journal does the person have?

Journal managers have such permissions. I’m unable to reproduce the problem on a 3.3.0-8 install by creating a user with the Journal Manager role. Am I correct in my steps?

1. Create a user, and give a journal manager role.
2. Within the journal go to a submission, where the user isn’t assigned
3. Open a discussion on the copyediting stage by this user and include the author of the submission
4. Upload a file

Sorry, after re-reading your post, I think I’ve pointed to the wrong problem. If the editor and author of the article also can’t upload the file, it means that the problem is definitely not in the site admin permissions.

If the error message appears after pressing the continue button under the upload file tab, it means that FileUploadWizardHandler.inc.php doesn’t allow to perform editMetadata operation: pkp-lib/FileUploadWizardHandler.inc.php at stable-3_3_0 · pkp/pkp-lib · GitHub and I can’t see why it might happen.

Does this issue appear for all articles or only specific ones? And the same questions for other journals.
Did I describe reproduction steps correctly in the previous post?

Hi, @Vitaliy Dung asked I join this conversation as I submitted the ticket, so I’ve been doing some of the in-between testing. This issue does seem to be affecting different user roles including the journal manager, editors, and authors, so it’s not limited to just the journal manager. In both the Review stage and the Copyediting stage within the discussion sections there we’re experiencing issues for at least 3 of our journals in our multi-journal instance. So perhaps the issue is within the `FileUploadWizardHandler.inc.php coding.

I tested a few more articles in this particular journal (CJEAP) where there were discussions already started previous to this issue and permissions were blocked from both uploading and accessing files to download. These same issues are affecting the other journals we’ve been notified by.

The reproduction steps in the previous post look correct.

Let us know if you’d like any additional information or would like us to test anything.

Thank you @Sarah_Adams for the information.

Looking at the FileUploadWizardHandler.inc.php in OJS 3.3.0-8, I don’t see anything that can cause the issue and can’t reproduce it.

The best would be to debug this locally, e.g., install OJS on a local computer from the recent backup.

First I would check what roles are returned when the error occurs. For this, log in as a user who cannot upload a file, and reproduce the steps, but before pressing the continue button (after which the error occurs) add the line

error_log(print_r($userRoles, true));

after this one:: pkp-lib/RoleBasedHandlerOperationPolicy.inc.php at 9d5879142980a9219d0fbce961fb5e16d810f955 · pkp/pkp-lib · GitHub
This will dump into the PHP error log an array that contains the current roles of the user making a request.

Example output:

[Fri Jul  1 12:34:19 2022] Array
(
    [0] => 1
    [1] => 16
)

[Fri Jul  1 12:34:19 2022] 127.0.0.1:41924 [200]: GET /index.php/psp/$$$call$$$/wizard/file-upload/file-upload-wizard/edit-metadata?submissionId=268&stageId=4&reviewRoundId=&fileStage=18&assocType=520&assocId=327&queryId=256&submissionFileId=2541&_=1656668020183

The numbers inside the array mean that the user has an admin role (1) and journal manager role (16) within the journal. The roles can be seen here, also they are in the hexadecimal numeral system and in the output - decimal (need to be converted): pkp-lib/Role.inc.php at 9d5879142980a9219d0fbce961fb5e16d810f955 · pkp/pkp-lib · GitHub

In the example output, you also can see the request, and the path before ? symbol shows the associated handler and operation which are separated by a backslash file-upload-wizard/edit-metadata.
Basically, alongside with the response you posted,

{"status":false,"content":"The current role does not have access to this operation.","elementId":"0","events":null}

it means that the handler FileUploadWizardHandler (class) doesn’t permit the user to perform FileUploadWizardHandler::editMetadata operation (method)

Hi @Vitaliy Very nice detail instructions, thank you for that. I will be setting up and debugging it today. Will update.

Dung.

@Vitaliy @Sarah_Adams - Hi,

Oh wow it is interesting after I debugged locally as you suggested. Right after the first test, I found the unmodified version (3.3.0.8, 3, 3, 0, 8, 2021-12-13) does not have this issue but the current modified version which is having this issue. The current modified version is the same version (3.3.0.8, 3, 3, 0, 8, 2021-12-13) except that while patching the code to fix other issues in the past, it caused this issue.

I applied patches more than couple times, so I do not know which one was the one that caused issue. @Vitaliy can you suggest a way to track down these changes, or how to go about finding and fixing the problem code? Meanwhile I will try to find the differences in the entire code.

Best,

Dung.