I have created a role called adminstrators and have specified that as the role that Admin Roles should use for permissions. When I save the Modules the Admin Roles module reports that permissions have been updated, but when reviewing the permissions screen, the "anonymous user" role has been updated to have all permissions (far from the desired behaviour!).

Comments

vaelen’s picture

This seems to happen because the roles are numbered by the order they are returned (alphabetically) instead of by their actual number. Since anonymous is 1, and I bet your admin group is called 'admin' and shows up as the first one in the list (mine did too), selecting admin stores the admingroup_admingroup value as "1", which is really the role id for 'anonymous user'. I just opened up admingroup.module and hardcoded the value to '3' (the number of my admin role) at line 47.

jonhattan’s picture

StatusFileSize
new663 bytes

attached a patch for version 5.x-1-1 of the module. It includes two extra lines in order to sort the array by keys, overriding the default behaviour of sorting by values.

$u_roles = user_roles();
ksort($u_roles);

jonhattan’s picture

Version: 5.x-1.1 » 5.x-1.x-dev
Status: Active » Needs review
StatusFileSize
new534 bytes

same patch for dev version

macros’s picture

I made the changes as specified, and has fixed the error. Cheers!

vikingew’s picture

Yes this patch works, w/o it the module is a disaster so have a new release out fast.

vikingew’s picture

Version: 5.x-1.x-dev » 5.x-1.1
Priority: Normal » Critical

set it to critical as this bug ruins permissions, and also version 5.x.1.1 as dev seem to be an old initial release and not upto date.

agentrickard’s picture

Patch verified for 5.x.1.1

ryo’s picture

Well, in fact, the bug that the anonymous is assigned as "Admin Role" has been fixed by the patch.
But still, when I create a new "administrator" role and assign it as "Admin Role" in
/admin/settings/adminrole,
all the check boxes of the "administrator" role are blank, in other words,
no access privillages are given to "Admin Role".

agentrickard’s picture

@ryo

I think you have to reload / re-save the Modules overview page to trigger the saving of admin role access rules.

ryo’s picture

@agentrickard

Thanks for the advice.
I did what you said, but the situation didn't changed.
I deleted the role "administrator", installed the 5.x-1.x-dev, and ran update.php,
created user role "admin", and assigned it as "Admin Role",
but the result was the same.

But I found why at last.
I had forgotten that I had installed "user protect module".
So I once disabled the "user protect module" and assigned the role "admin" as "Admin Role",
and things went perfect.

The mistery is that although the role "admin"s 'role' was not protected in the setting of "user protect module",
the protection worked. I don't know why.

Anyway I think it would be better to mention that there is a kind of conflict between the two modules.

JacobSingh’s picture

Status: Needs review » Fixed

I've committed the patch (the dev one actually had a parse error in it, so I picked up the other one). Will make a release right away, Thanks!

I also updated the description regarding the possible conflict (didn't confirm it though)

Anonymous’s picture

Status: Fixed » Closed (fixed)