Approvazione non necessaria per utente SSO con errore 403

Supporto SSO
1

Wordpress gestisce la creazione degli utenti, ma oggi ho in attesa l’approvazione di questo utente:

approve-user
approve-user2250×352 39.5 KB

Cliccando su Approva si verifica un errore 403:

403-error
403-error848×330 9.4 KB

Non ho mai visto un utente richiedere approvazione prima d’ora, quindi non sono sicuro del perché questo sia diverso. Nell’Amministrazione appare esattamente come tutti gli altri utenti.

Forse l’aggiornamento di ieri alla versione v2.3.0.beta6 +16 ha introdotto un bug?

Ecco il registro degli errori:

Log

Messaggio

Uncaught [object Object] Url: https://forum.glasair-owners.com/assets/ember_jquery-5dbd79abddf53926275c73f77dbe61e7351258de8d2e886bf2ce86f144368848.js Line: 9 Column: 11652 Window Location: https://forum.glasair-owners.com/review

Backtrace

Ambiente

hostname gaoa-discourse-app
process_id 3240
application_version f3ed002c30e4b6d7fce76d209202287b1cf85c55
HTTP_HOST forum.glasair-owners.com
REQUEST_URI /logs/report_js_error
REQUEST_METHOD POST
HTTP_USER_AGENT Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
HTTP_ACCEPT */*
HTTP_REFERER https://forum.glasair-owners.com/review
HTTP_X_FORWARDED_FOR 75.164.xxx.xxx
HTTP_X_REAL_IP 75.164.xxx.xxx
params message Uncaught [object Object] Url: https://forum.glasair-owners.com/assets/ember_jquery-5dbd79abddf5392627
--- --- --- ---
--- ---
url https://forum.glasair-owners.com/assets/ember_jquery-5dbd79abddf53926275c73f77dbe61e7351258de8d2e886b
line 9
column 11652
window_location https://forum.glasair-owners.com/review
2

@eviltrout is this on your list?

3

Could you check the logs again for the server side error? What you’ve included here appears to be a Javascript error which is not the root cause.

4

The error was on March 29, and /logs only goes back to March 30. I didn’t protect it. Can the log be retrieved elsewhere?

Earlier today I tried Approve again and this time it went through without the 403 error.

approved-user
approved-user.jpg770×414 27 KB

5

Unfortunately not. Do you know if you updated your forum since the error appeared? I’m trying to figure out if it’s something we fixed already.

6

I have not updated - still on the same version that first produced the issue: v2.3.0.beta6 +16.

7

Perhaps completely unrelated, but… my forum started as an import from phpBB, and all my new users show up as “Anonymous user from phpBB3” even though they are not. For example the user from the OP looks like this:

anon-user-phpbb3
anon-user-phpbb3.jpg1582×476 71.8 KB

EDIT: One more data point, as mentioned here—my invite only has been enabled since the forum was created.

8

Okay now I am wondering if the bug is related to invite only when using SSO, I’m investigating.

9

Okay after looking into it slightly, I suspect the problem here is having SSO + Invite Only was always undefined behavior in Discourse. It doesn’t really make sense to have people log in via SSO but also require an invite.

Is disabling invite only an option for you? Why would you need it enabled?

10

Yes - I’ve disabled it already and I can’t recall why it was enabled.

11

This appears to have been fixed by disabling invite only when SSO is in use. I just had a new user sign up and he was not queued for review.

Still on the same version v2.3.0.beta6 +16.

12

I’m going to see if I can prevent invite only from being set when using SSO.

13

Also consider this use case:

14

This commit prevents invite only and enable sso at the same time:

15

I looked into this, and it seems to work now. If enable sso is true, the “Share / Invite” (now consolidated) modal does not allow emails, only usernames.