Hello,

I enabled this fantastic module for a content type, but when I click on any of the thumbs in a thumb up down widget, I am redirected to a user page saying you must login.

But I am logged in as admin.

Comments

bertboerland’s picture

could you provide us with more information since this is rather odd. what other modules have you installed? how is rate configured? what if you log in after the message (even if you were logged in as admin)?

weka’s picture

Status: Active » Closed (cannot reproduce)

I am unable to replicate this behavior. Please reopen if you are still experiencing the problem and try to provide more details.

giorgio79’s picture

Seems to be related #1110786: 404 after login on redirected page "You must login before you can vote"

I figured it out meanwhile:

I checked my widget settings, and for some reason, in the permissions only Anonymous was enabled. After enabling authenticated it started working again :)

aacraig’s picture

Version: 6.x-1.0 » 7.x-2.x-dev

This error still exists in D7 as well. If you are the admin user (ie, uid == 1), then it is possible that you get denied voting privileges in _rate_check_permissions(), because that function only checks the user's roles. While technically correct, it doesn't respect the common practice that the admin user has permission to do anything on the site and doesn't have to pass any permissions check.

If the admin user isn't specifically part of a role that has permission to vote (in the OP's case, that is authenticated user, but it could be any role that the admin isn't in) then permission will be denied.

In my particular case, only users of a certain role may vote, so the authenticated role is not checked. Therefore, my admin user (who is only an authenticated user) may not vote.

To replicate this error on a fresh install, create at least one role (I'll call it 'voters'). Make sure your admin user is NOT a member of the voters role.

Create a thumbs up/down widget (thought behaviour will be the same for all widgets that test permissions with _rate_check_permissions()) and allow voting ONLY with the 'voters' role.

Try to vote as the admin user.

This can be easily fixed by adding the test $user->uid == 1 at the top of the function, like:

function _rate_check_permissions($widget, $node = NULL) {
  global $user;

  // always allow the main admin user
  if ($user->uid == 1) {
    return RATE_PERMISSION_OK;
  }

  ...

While there is a valid argument to say that the function works as it should and only users specifically associated with a role that can vote should be allowed to vote, it is common for site administrators to assume that the admin user has access to everything.

aacraig’s picture

The page didn't show my previous post after saving it, so I thought it hadn't gone through.

Removing repeated post.