I customized the Cases screen by adding a new button on the Activities tab's grid toolbar. I'm using PXRedirectRequiredException to try to open a new custom screen I created. This throws the insufficient rights message to my new screen's graph. In the Access Rights by Role and by Screen, I made sure that my new screen was granted permission to both Administrator and EMPLOYEE, but I still get this message and can't open the new screen. What am I missing?
This error could be caused by a missing site map definition.
Have you added your custom screen to the site map? Try to access it directly by entering the page ID in the URL.
Example: http://localhost/[InstanceName]/Main?ScreenId=AA101000
If you are redirected to the home (page 00000000), there is an error with the site map for this page.
Thanks to Fernando in the answer above, I opened the new screen by URL, which uncovered the real error. My screen's TypeName was wrong because I had renamed the class, and An ASP.NET error displayed this fact. Once I fixed the TypeName, the screen opened. The insufficient rights message was an incorrect error and a red herring.
Related
I have b2c_1_susi working. I am able to login. I'm using example code. However edit profile user flow is not working. I have the user flow created in the same fashion as susi. If I use redirect my app navigates back to home page. If I use popup, the popup comes up but then disappears. This is what I am getting in the console log.
Strangely, I ended up deleting and recreating the registration and it started working.
Make sure you add user attributes to your edit profile. You may already have user attributes on your sign up sign in profile but they do not get transferred over to the edit profile automatically
I am trying to create Sendgrid resource. Couple of days before it was working fine. From Yesterday I am getting the following error. Any Solution please.
vso[task.logissue type=error]- Resource Sendgrid.Email/accounts 'XXXXXXXXXXX' failed with message '{%0D%0A "error": {%0D%0A
"code": "ResourcePurchaseValidationFailed",%0D%0A "message": "User
failed validation to purchase resources. Error message: 'Something
went wrong. If you think this is an error please contact our support
team.'"%0D%0A }%0D%0A}'
Please be advised that the sendgrid purchase needs to be done by the Account Administrator and/or any other user with Owner RBAC role assigned to it.
Also if you have the right permission set, i would suggest you to check the account creation limit, it could be because of that also.
If this doesn't work , please go through the network trace file and check what is causing the issue and try to perform the step.
For network trace , you can do the following step and post it in your question:
Open Internet Explorer
Press F12 (This action will opens a window at the bottom of the main IE window)
Select the “Network” Tab (selected by default)
Ensure the Clear entries on navigate button is selected(button with a blue arrow pointing to the right,
and a red X in the upper-left corner)
Note: By default this option is selected. When this option is de-selected it will allow sensitive information such as any usernames and
passwords to be saved in clear text in the capture file. Microsoft will NEVER ask you to provide your password as part of troubleshooting so it
is imperative that you leave the
Clear entries on navigate option selected or you will need to manually delete the password from the trace file
before sending the trace to us for our investigation.
Perform the action which is causing the unexpected behavior or error message
Once the problem is reproduced, click the Stop Capturing button (the red square icon)
Click the Export as HAR button (floppy disk icon) to save the file
Hope it helps.
I have an unusual scenario in which only one page of our SP 2007 site is throwing this error "You are not authorized to view this page".
Here are some details:
SP 2007 Enterprise
The page in question uses SmartPart to display custom usercontrol.
We have 50+ pages that also use custom user controls in SmartPart, and none of them generate this error.
The page in question has several functions, and it initially loads just fine. First time it loads, user selects a customer from a dropdown, then enters a search query and clicks the search button. That all works, and the page then returns some search results. That works as well. The the user can click on a Modify link for each item. It's clicking on this Modify link that generates the page error. All of these things are done one this one page, it just refreshes accordingly. The Modify link is just a standard asp:commandline field that causes the page to load the line item in editable mode.
Here's the other strange thing. If I login as the SP Administrator account, and go to this page, it all works properly, no errors...and, then all other users can go in and use the page properly, without errors as well. It's as if whatever the security issue is, is being resolved temporarily as a result of the Admin using the page first. But after a code publish, or IISRESET, etc, the page goes back to not working for any general users.
Any ideas on what I should look for in trying to resolve this issue? I can also provide code if anyone thinks that may be relevant.
Thanks!
use SPSecurity.RunWithElevatedPrivileges for running your code with anonymous access user:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(web.Site.ID))
{
// implementation details omitted
}
});
I`v developed custom webpart. I can add it to page and site owners can view page with no problems.
However Site visitors/users get redirected to access denied error page. Sure, I must be doing some stuff normal users are not allowed to.
But the thing that bugs me is that when I place breakpoint in webpart constructor or even variable declaration it won't get hit! (If i try to view page with limited privileges). But in my browser, I get the access denied page. However, if I close that webpart, I instantly have access to that page and everything is OK.
What's the catch here? I was hoping I could catch exception with debugger to see which statement is guilty one, but it seems webpart doesn't execute any code and I get that exception.
Edit: Sorry, turns out debugger now hits those breakpoints. Don't know what changed, because symbols were loaded.
What is the trust level at your Sharepoint site ? You might want to give Fulltrust temporarily to see if you have any access problems.
If yes, then you might have a Code Access Security (CAS) problem on your hands. My first instinct is that your assembly does not have neccessary privilages to run correctly for normal users.
You can configure it using custom CAS entry in the manifest.xml for the webpart, e.g. if you are calling external resources then you might have to configure System.New.WebPermission and define which url you are allowed to access. You can find more info on this at the U2U site.
Also what does your webpart do ? If you are trying to access resources which normal users don't have access to (e.g. a list in some site) then you have to use the SPSecurity.RunWithElevatedPrivilages method, so that you have the neccessary privilages (be careful to create new Site instance within that method so that the Context populates correctly).
Found the solution.
Turns out that i wanned to determine if user belongs to a specific group by trying to access that group users. As this was impossible if a user doesn't have such a permissions, it was throwing some kind of internal exception with message
"Unable to evaluate expression because
the code is optimized or a native
frame is on top of the call stack."
Anyways, i now learned to loop through SPUser.Groups (SPGroupCollection) and check if we have a matching group rather than enumerating group principals and seeing if he's inside.
You need to give permission(update personal webpart) to the visitor group. However, it is not recommended. If you want you can create a separate permission level and associate it with the visitors group.
Cheers!!
We have a really strange problem.
My userid is a farm administrator and it a site collection admin on the site in question.
If I add a new group (to manage permissions), once I click the OK button on the create group page I get thrown to the Error: Access Denied page.
Here's the strange part, the group gets created.
If I try to add a user to that group, I get the access denied page but the user is not put in the group.
If I try to delete the group I get an error page that says Cannot complete this action. Please try again.
It appears to be only happening on this one site (and it's sub-sites).
There is nothing in any of the sharepoint logs or the event logs.
It has got to be a permission problem but I don't know what.
EDIT ------------------------------------ EDIT
After some more research I found this BLOG post. It states that a .NET 2.0
hotfix is the culprit of the problem and states that removing it will fix the problem.
I can't removed the hotfix because it is not installed.
Are we doomed to be stuck with this problem?
END EDIT
Sounds like maybe one of the system pages in _layouts has wacky permissions on it. Look in the IIS logs (not SharePoint logs) for a 401, 403 or 407 (or really, any HTTP code above 400) error for your user around the time you try to add/delete a group. This might point to the page that is having the problem, which will give you something to go on.
if you host your sharepoint web applications somewhere other than the default location that IIS/SP uses; check to ensure that the Users group has read to the Bin directory of the affected application. For some reason when this particular app was created it failed to add the Users group to the Bin directory with Read as it normally would under normal circumstances. This is easily testable and fails and succeeds with consistency. the only thing I've noted that it affected was the issue regarding adding New Users to a site through the Sharepoint site GUI.
This is the error received when digging through my SP logs:
Application error when access /_layouts/aclinv.aspx, Error=Access to the path 'D:\ProdSites\SP-ProdSites*****\bin' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.Directory.InternalGetFileDirectoryNames(String path, String userPathOriginal, String searchPattern, Boolean includeFiles, Boolean includeDirs, SearchOption searchOption) at System.IO.DirectoryInfo.GetFiles(String searchPattern, SearchOption searchOption) at System.IO.DirectoryInfo.GetFiles(String searchPattern) at System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() at System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) at System.Web.Configuration.AssemblyInfo.get_AssemblyInternal() at...
This is the error I was showing in the IIS logs:
2009-09-09 13:48:19 W3SVC1237373898 IP GET /OOD/_layouts/aclinv.aspx GroupId=9&Source=http%INFO2Fpeople%2Easpx%3FMembershipGroupId%3D9 80 domain\user IP Mozilla/4.0+(compatible;+MSIE+7.0;+Windows+NT+5.1;+Trident/4.0;+.NET+CLR+2.0.50727;+.NET+CLR+1.1.4322;+.NET+CLR+3.0.04506.30;+.NET+CLR+3.0.04506.648;+OfficeLiveConnector.1.4;+OfficeLivePatch.1.3;+86e) 403 0 0
maybe people have already checked this but it took me a bit. I looked for patch KB928365 and it wasn't present (lots of other posts are recommending the removal of this patch to fix this issue).
Also, the behavior was different in QA and Production as the acct I was using to add New Users to the site in QA had elevated priviledge due to its inclusion in the WSS_admin_wpg group (possibly due to the fact that its a farm admin in QA?)