By Tarlbot on

On Site:

http://weted.tantramar.com/

Anonymous users are getting "Access denied
You are not authorized to access this page. "

This is odd because on the admin page:

http://weted.tantramar.com/admin/user/configure/permission

The anonymous user is allowed to "access content", "search content", and "view uploaded files"

Another comment led me to my user_roles table - somebody complained that it was mucked up by an upgrade - I saw that there was no entry for Uid=0 - I checked another drupal site and saw that uid=0 had data rid=1 - I tried entering that hoping that the Anonymous user would be uid=0 but that didn't help.

What else can I try?

Comments

Steven’s picture

Steven commented

Here's the SQL for a clean install's users and users_roles table.

INSERT INTO users (uid, name, mail) VALUES ('0', '', '');
INSERT INTO users_roles (uid, rid) VALUES (0, 1);

You might need to run the following 2 first:

DELETE FROM users WHERE uid = 0;
DELETE FROM users_roles WHERE uid = 0;

It could also be related to the node_access API. If the above doesn't help, try this:

INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);

You can run these statements from the mysql program, or through a webbased interface like PhpMyAdmin.

Tarlbot’s picture

Tarlbot commented

INSERT INTO users_roles (uid, rid) VALUES (0, 1);

was new info (althought I thought I had tried that already as detailed above)

The other thing I poked at was: I turned on, and then back off the Drupal Cache. It was already turned off but somewhere between fixing the databases as detailed here, and making sure the Cache was off it has been fixed.

Thanks a lot!

adam.skinner’s picture

adam.skinner commented

I was having almost the same problem. I'd installed Drupal 4.6.1, and the node access values for nid = 0, realm = all were missing. By adding these values Anonymous and Authenticated users were able to view the front page promoted items as well as forums.

Without this entry, the user wouldn't even be able to view a forum post he'd made (though he could edit it).

Again, the insertion I speak of is specifically this:

INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);

adam.skinner’s picture

adam.skinner commented

After implementing the aforementioned "fix", I noticed that it had the undesirable effect of removing all effective access limits as specified in node_access. Any user is now able to view any content.

I believe that enabling the "node_privacy_byrole" is the correct solution to my problem.

smilodon’s picture

smilodon commented

I have same problem.
But i WILL NOT grant access for every damn node to anonymus user. Have some info not meant to see for everyone on the site.

I also use taxonomy_access.
The problem is that, anonymus users cant access uncategorysed nodes, though taxonomy access is set right.

This issue appeared after UID 0 (anonymus user) deleting by the stupid Drupal core. I think its something like anonymus users not geting sessions opened, not a table or script problem.

If someone could help, than i need it. Im desperate.

smilodon’s picture

smilodon commented

not a session issue afterall... in permissions allow anonymus user to acess content.

Steve Viscido’s picture

Steve Viscido commented

not a session issue afterall... in permissions allow anonymus user to acess content.

OK but... where do I do this? My list of users under admin/user/permissions does NOT include anyone or anything named 'anonymous', 'guest', 'visitor', etc. So WHERE do I go to "change permissions" for anonymous users?

Steven Viscido
The Ecology Tavern

Steve Viscido’s picture

Steve Viscido commented

Found it!

This was not a regular access control problem. I have been trying to get Organic Groups (OG) to work with 4.7.0 (so far they are not working quite right together). After getting annoyed at it last night I stripped out the modules. But, the new version of OG (unlike the old), required me to click a special "disable" button before doing this, which I didn't realize. The solution was luckily provided here:
http://drupal.org/node/11228

If you are getting this problem and using the OG module, you might want to try:

1. Make sure OG is enabled (at least basic OG)
2. Go to the OG settings page and click the "disable" button.
3. THEN go to the modules page and de-check the OG stuff

Worked well for me.

SteveK’s picture

SteveK commented

Recently had a similar issue with this. I did an upgrade on a client's site from 4.7 to 5.7. They had taxonomy_access enabled from their recent installation and I as trying to get the Premium module to work. When enabling the module or setting "Access restricted from non-premium users" for the nodes, the anonymous user would totally get cut off from any content. This line seemed to do the trick:

INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);

---
I work here: Raincity Studios.com
I hang out here: Steve Krueger.com

---
I work at The Jibe Multimedia, Inc., a Vancouver Drupal eCommerce Web Agency.

pgrote’s picture

pgrote commented

I also had this issue and wanted to add that the commands listed did not work on their own. An additional step was needed for out site.

We had to go into ACCESS CONTROL and remove the ability for anonymous users to view nodes. You save that then go back in and give them the ability to view. Save it and it works.

Steve Viscido’s picture

Steve Viscido commented

We had to go into ACCESS CONTROL and remove the ability for anonymous users to view nodes. You save that then go back in and give them the ability to view. Save it and it works.

Tried that under nodes... Removed 'access content' and re-instated it. Still not allowing access on things like the front page, general book pages, etc, all of which used to allow access before.

/sigh

Harry Slaughter’s picture

Harry Slaughter
Location Omaha NE USA
commented

i was aware of the 'uid 0' dependency in the users table. but i didn't realize there was also a dependency in users_roles. dang.

there are tons of threads on the various problems that result if the values mentioned above don't exist. it took me 45 minutes to find this thread/solution.

i really think this problem should be handled by drupal itself. it's just too common that people delete these values for whatever reason and then are dumbstruck by the problems that result.

main problems i'm referring to are:

- duplicate entry error if uid 0 does not exist
- "You are not authorized to access this page" for anonymous users if the users_roles uid0 entry does not exist.

--
Drupal tips, tricks and services
http://devbee.com/ - Effective Drupal

--
Devbee - http://devbee.net/

azoho’s picture

azoho commented

I'm getting a similar problem, don't know if it the same, where my anonymous user can access the nodes fine directly, but cannot access the category/taxonomy.

Even though they have permission to view and list the category, they get access denied.
url is like http://www.site.org/taxonomy/term/13

I had installed taxonomy access but the permissions for anonymous user for all the categories are to have View, and List rights

I've tried the various SQL commands and this has not resolved it. Again this is a problem accessing the category lists and no problem accessing the node directly or through a page from Views

I have tried disabling and uninstalling the taxonomy access module but the problem stays the same.

Does this suggest a corrupted tables? Any suggestions for reseting anon user permissions for taxonomy access through SQL?

jsabater’s picture

jsabater commented

Hello everyone!

Just to let you all know that this fxed my problem (stories not publishing, only admin could see them posted on the front page) when upgrading from version 5.7 to version 6.0 and 6.1. Weird, still, but solved now.

Thanks

--
Jaume Sabater
http://linuxsilo.net/

lungtung’s picture

lungtung commented

hi,

im use drupal 6.2
i've the same problem, access denied with some page

and the sql command it work for my case,
INSERT INTO users_roles (uid, rid) VALUES (0, 1);

thanks

newswatch’s picture

newswatch commented

Didn't work for me on D6 :(

-----------------------------
Subir Ghosh
www.subirghosh.in

Jacob’s picture

Jacob commented

I had "You are not authorized to access" problem on some pages of my site, others were fine, regardless
of the user - neither anonymous nor admin. can see those pages.

I searched for the solution on the site and tried them all:
- Both users and users_roles tables have uid=0 records and yes, I deleted those tables and created them from sql.
- node_access has the favourite 0,0,'all',1,0,0 record
- Anonymous user has right to see content and yes, I unchecked, saved,checked and saved again.

Nothing worked...

As it figured out, I deleted the author I stopped to work with and he had written book pages in the site database
It seems that Drupal uses some inner join in the permission check and once the writer was not found, it reacted with strange "You are not authorized to access" error.

The solution was to change "ownership" of the content from non existing author (uid=2) to existing author(uid=1)

UPDATE node SET `node`.`uid` = 1 WHERE `node`.`uid` = 2;

IMHO, this issue should be treated by the engine itself. The interface allows to delete writer, but existing content should be treated appropriately.

Harry Slaughter’s picture

Harry Slaughter
Location Omaha NE USA
commented

this seems to be fixed in 4.7. assign bogus UIDs to a node and you'll see that the node *is* displayed and the author is uid 0.

--
Drupal tips, tricks and services
http://devbee.com/ - Effective Drupal

--
Devbee - http://devbee.net/

Eliyahu’s picture

Eliyahu commented

Is there an easy fix for this problem?

nathanmcginty’s picture

nathanmcginty commented

Had the same problem.

Upgrading from 4.6 to 4.7. Anonyomous user couldn't see anything.

This SQL command....

truncate table node_access;
insert into node_access VALUES(0, 0, 'all', 1, 0, 0);

Seems to have fixed the problem.

Now if I could only get my slash black theme to work again... :(

hope this helps someone.

uberkuh’s picture

uberkuh commented

It did! Thanks so much.

mennonot’s picture

mennonot commented

I had this same problem when upgrading from 4.6 to 4.7 and discovered that the problem was that the anonymous user rid in 4.7 is now defined in bootstrap.inc as 1. If your rid (as defined in the mysql role table) is not 1, then you need to change the variable in bootstraplinc. There are more details on this problem here:

http://drupal.org/node/87341

mauriciodarocha’s picture

mauriciodarocha commented

I have gotten Access Denied for Anonymous User with Permissions set properly as well.

And I'm actually a drupal newbie user, but I thought to leave this information.

I've tried many hacks even the ones changing the core, but the only thing that helped me was to install a module:

http://drupal.org/project/taxonomy_access

Good luck!

talski’s picture

talski commented

Thanks!!! you saved my life
INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);

CatherineMurphy’s picture

CatherineMurphy commented

I second that:

"Thanks!!! you saved my life"
INSERT INTO node_access VALUES (0, 0, 'all', 1, 0, 0);

After installing taxonomy_access module on 4.7. I had the same problem of access denied. I removed the module, but still had the same issue. that SQL command worked. thanks !!!

Bartezz’s picture

Bartezz commented

Same here... needed it after uninstalling node privacy by role....

________________
Live fast die young

mriedner’s picture

mriedner commented

We've got a site in development using Drupal 5.x, same deal.

For some reason Drupal has decided that new users on the site we are building do not have permission to edit their profiles.

All the permissions on the admin side are set to let them do it but, good ole Drupal, somewhere in the voodoo that it do, has decided that no, this is not the case.

After reading this topic, it seems the solutions currently are:

Randomly turn things on and off a couple times.
Uninstall modules and reinstall them a couple times.
Delete the entire userbase and start from scratch.
Delete the offending user, and start from scratch.
Hack the DB in various random ways.
Delete the site and start from scratch

No clues as to what causes it. No reasoning to the solutions. Just random flailing that may or may not work ( or make things worse ).

I can honestly say that I will never use Drupal again. This sort of unexplained phenomenon is par for the course. Everything is total utter Voodoo, from the way Drupal builds it's markup and div structure, to theming, to fundamentals like permission controls. If you are at the start of your project and getting this error, get out now while you still can before you get dragged into the ninth ring of Drupal hell like my team.

If anyone gets an -ACTUAL- solution to this problem, or a reason, please, let us all know.

8manj-dupe’s picture

8manj-dupe commented

I had the exact same issue as above, site had been under development for weeks, came back to complete the project and got access denied for all anonymous users, went through all the fixes above and go nothing but SQL errors when trying to import the scripts. Beginning to fear the worse, but fixed it in the end without any SQL queries or patches,

My fix: Node access table was called nodeaccess in the database I renamed this to node_access in phpmyadmin, problem solved how bizarre!!

SocialNicheGuru’s picture

SocialNicheGuru commented

subscribing

http://SocialNicheGuru.com
Delivering inSITE(TM), we empower you to deliver the right product and the right message to the right NICHE at the right time across all product, marketing, and sales channels.

US421’s picture

US421 commented

Me too. I had this problem first time today, after an upgrade.

smith2008’s picture

smith2008 commented

Hi Guys

Finally I had the time to look at this issue on my Drupal 6 site and I have a decent solution for it. For me it is happening like once or twice a month so I was fixing it manually by rebuilding the node access permissions which is really annoying so this is my better way to go:

function [MY_MODULE_NAME]_init()
{
    $test = db_fetch_array(db_query('select count(*) count from node_access;'));
    if(isset($test[0]) && $test[0]['count'] == 0)
    {
        db_query('TRUNCATE node_access;');
        db_query('INSERT INTO node_access (nid, gid, realm, grant_view, grant_update, grant_delete) VALUES (0, 0, "all", 1, 0, 0);');
    }
}

Where

[MY_MODULE_NAME]

is the name of one of my modules. You can put it to any module you like.