User added to group must log out first?
Permalink 1 user found helpful
I have a site built on concrete 5.6.0.1. I have turned on advanced permissions and have several pages/block setup to take advantage of this nifty feature...
However, I have a problem -
1) An existing user that is currently logged into the site gets added to a user group (either programmatically or through the Dashboard).
2) The user attempts to access a page that has been manually altered to accept only users who are in a specific user group (to which the user was added in step 1).
3) Instead of being able to access the page, the user receives a "Page Forbidden".
4) The only way for the user to access the page is to log out and log back in (this is unacceptable).
Any ideas on how to solve this? or am I missing something that I should be doing?
However, I have a problem -
1) An existing user that is currently logged into the site gets added to a user group (either programmatically or through the Dashboard).
2) The user attempts to access a page that has been manually altered to accept only users who are in a specific user group (to which the user was added in step 1).
3) Instead of being able to access the page, the user receives a "Page Forbidden".
4) The only way for the user to access the page is to log out and log back in (this is unacceptable).
Any ideas on how to solve this? or am I missing something that I should be doing?
This is an older thread, but I just hit this problem myself (in 5.6.1.2) and found a suitable solution.
I found that:
worked to update the session information with the groups the user is currently in.
Although I'm sure it adds some overhead to page loads, I simply added in my theme's header.php file, pretty much before everything else.
This worked for me, so a user's groups (and therefore group permissions) instantly update if they are changed in the dashboard by an admin or modified programatically.
Ecommerce already runs refreshUserGroups() upon the completion of an order, but I think there might be cases where this doesn't work quite right (maybe a bug, maybe just me). The above at least ensures the groups are correct on every page load.
I found that:
$u = new User(); $u->refreshUserGroups();
worked to update the session information with the groups the user is currently in.
Although I'm sure it adds some overhead to page loads, I simply added in my theme's header.php file, pretty much before everything else.
This worked for me, so a user's groups (and therefore group permissions) instantly update if they are changed in the dashboard by an admin or modified programatically.
Ecommerce already runs refreshUserGroups() upon the completion of an order, but I think there might be cases where this doesn't work quite right (maybe a bug, maybe just me). The above at least ensures the groups are correct on every page load.
Hi Mesuva,
I confirm your solution is the best. It was also implemented by the core team in the e-commerce add-on for the same problem so it's most likely the way to go.
I confirm your solution is the best. It was also implemented by the core team in the e-commerce add-on for the same problem so it's most likely the way to go.
you can change the session values.
Below you find the code I used for a simular problem.
Whith this workaround you don't need to logout befor activating the group.
Best regards,
Eric