Project

General

Profile

Project members get 403 error: not authorized

Added by Marcin Skoczylas almost 10 years ago

Hi!

I've had a working instance of Redmine 2.3.0 started on Thin web server (v1.5.1 codename Straight Razor) working for last year: thin start --ssl -e production. Today I wanted to add support to send emails and I configured GMail correctly (via configuration.yml), sending emails works perfectly now... I'm not sure if that broke configuration as I literally added few lines to configuration.yml but...

Now all my users that are not administrators can't access their private projects with 403 error message. If project is public everything works fine, also administrators can access the private projects. List of projects by regular members can be seen in /projects URL, also issues are shown in dashboard, but when member wants to go into the project or issue details the error is thrown (excerpt from production.log):

Started GET "/projects/xxxxx" for 89.x.y.z at 2014-06-11 11:37:50 +0200
Processing by ProjectsController#show as HTML
  Parameters: {"id"=>"xxxxx"}
  Current user: j.member (id=2)
  Rendered common/error.html.erb within layouts/base (0.1ms)
Filter chain halted as :authorize rendered or redirected
Completed 403 Forbidden in 20ms (Views: 10.7ms | ActiveRecord: 1.6ms)

What's going on?? What this error means? Where I can start digging, as I do not see any clue in this? I changed member roles to allow for everything, but still they get 403... I'm really desperate as I can't find anything in settings that could cause this. Could you please give me a hint what to do to get this working back?

Edit:
I've changed logger to debug and I got some more details:

  Role Load (0.1ms)  SELECT "roles".* FROM "roles" WHERE "roles"."builtin" = 1 LIMIT 1
  Rendered common/error.html.erb within layouts/base (0.1ms)

Is this a bug in Redmine? Why selecting roles creates an error?

Edit2:
I've upgraded Redmine to 2.5.1 but the problem is still there. I will report this as issue.