I have two OJS installations running on the same server in virtual hosts. They’re configured pretty much identically, and they have the primary admin user. In site #1 I have been creating test journals and creating new users. Site #2 has only the one admin user, no other users.
Today I started working in site #2, and discovered that my user does not have the same privileges as the user in site #1:
If I click the Administration link from the user dropdown, I get “Access denied”
If I do go to Site Settings (at index.php/index/admin/settings), the only option I see is Language selection. All the other tabs and options, present in site #1 (Settings, Navigation, Information, Appearance, Plugins) are missing.
I have to assume I somehow lost my role as site administrator, but how could that have happened? And how can I get it back?
Here’s a posting about how to grant a Site Administrator role to someone – but I think you might need to double-check the data in the user_user_groups table to see what roles your user already has…
Regards,
Alec Smecher
Public Knowledge Project Team
Hi Alec – it looks like you might have intended to include a link with that message, but no link is showing… Can you please post it? I’d be happy to look.
I’m not sure why my user would have lost its privileges, though. There is currently only one user in the system.
Thanks! Yes, both installs have user 1 in groups 1 and 2. The install where admin privileges are working also has user 1 in a few other groups.
So based on this, everything should be working correctly for this user, but somehow I cannot access the things I should be accessing. Would the right thing to do here be to remove user 1 from group 2 and make them exclusively a member of group 1?
It’s not going to be 100% reliable to exchange group IDs (the 1 and 2 you’re talking about) between installations – these are references to the group_id column in the user_groups table. There, context_id will refer to a journal_id in journals to indicate which journal the enrollment represents, and role_id will be the numeric code indicating the permission level to the OJS source code.
Since that’s probably clear as mud, here’s how list permission levels for a user for each journal:
SELECT CASE WHEN ug.context_id=0 THEN '(site wide)' ELSE ug.context_id END AS journal_id, ug.role_id AS role_id
FROM user_groups ug JOIN
user_user_groups uug ON (ug.user_group_id = uug.user_group_id)
WHERE uug.user_id=1 ORDER BY ug.context_id;
Regards,
Alec Smecher
Public Knowledge Project Team
The problem here is not permissions for individual journals, but for the whole site.
The sole user of the site is theoretically the administrator, and has access to Site Settings and all that other stuff, but is missing a lot of the options that should be there.
Is this a permissions/roles thing, or is it possibly something else?
The difference will either be in the code or the database, and site-wide role information is stored in the tables referenced in the query above, so it’s worth checking.
Regards,
Alec Smecher
Public Knowledge Project Team
Rather than focusing on the ROLE_ID_SITE_ADMIN (role_id=1) role, you might want to look at your two accounts’ assignments to the ROLE_ID_MANAGER role (role_id=16). When a Site Administrator creates a new journal, they are automatically assigned a Journal Manager role in that journal. If that’s the case in one of your journals but not the other, that could account for the difference.
Regards,
Alec Smecher
Public Knowledge Project Team