Magento2: Users permissions & roles (ACL), and redirect loop issue

Created on 31 Dec 2015  路  8Comments  路  Source: magento/magento2

Browser(s): Google Chrome (latest), Mozilla Firefox (latest)
OS: Linux
Magento Version: 2.0 (stable)

Description of problem

Magento 2 breaks if you try to login to admin panel using a user with a role that does not have any access resources.

How reproducible

Always

Steps to Reproduce

  1. Login to Magento 2 admin panel with your current admin user (that has full access).
  2. Add a new admin user from "System > Permissions > All Users" page.
  3. Go to permissions user roles page (System > Permissions > User Roles), and click "Add New Role" button.
  4. Fill the "Role Name" under "Role Info" tab.
  5. Go to "Role Resources" tab.
  6. Change "Resource Access" to "Custom".
  7. Make sure that all "Resources" check boxes are unchecked.
  8. Go to "Role Users" tab and select the new user that you added in step 2.
  9. Click "Save Role" button.
  10. Logout from admin panel.
  11. Login to admin panel with the new user that you created in step 2.

    Actual results

In Google Chrome, you will receive the following message:

This webpage has a redirect loop
ERR_TOO_MANY_REDIRECTS

Detailed error:

The webpage at http://{{magento2_base_url}}/admin/admin/noroute/denied/key/c3658bee1ce6e3d232bd0a6412a2f15c318989fd106b56bbd34e97eccac75a44/ has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.

In Firefox the message will appear like this:

The page isn't redirecting properly

Expected results

User should be redirected to admin panel, but to an "Access denied" page (Similar to Magento 1).

Additional info

-

Fixed in 2.3.x Clear Description Confirmed Format is not valid Ready for Work Reproduced on 2.1.x Reproduced on 2.2.x bug report
Source
picture akai-z
👍2

Most helpful comment

Faced the same issue myself today trying to move some database entries around.

Resolved by:

  1. check admin_user table for correct entries
  2. check authorization_role for correct entries
  3. check authorization_rule for correct entries
  4. clear var/cache folder
  5. clear browser cache

With the tables worse case scenario (to give you control back) and assuming you have at least one valid admin user with id 1 in admin_users truncate and insert the following into

authorization_role

'1','0','1','1','G','0','2','Administrators'
'2','1','2','0','U','1','2','admin'

authorization_rule

'1','1','Magento_Backend::all',NULL,'allow'
'2','2','Magento_Backend::all',NULL,'allow'

picture george-vlahakis on 21 Jul 2017
🎉2

All 8 comments

Hi @amr-z

Internal ticket MAGETWO-47917 was created to investigate this issue

shiftedreality picture shiftedreality on 14 Jan 2016

shiftedreality/victorgugo,

Can either of you tell me if this is still an active issue. I have the same thing going on except in a different scenario. Mine is in a post M2 2.0.5 upgrade from 2.0.4.

Thanks.

smalenshek picture smalenshek on 3 May 2016

Was this by any chance resolved? because it is still happening in 2017.

alihalabyah picture alihalabyah on 6 Jul 2017

Faced the same issue myself today trying to move some database entries around.

Resolved by:

  1. check admin_user table for correct entries
  2. check authorization_role for correct entries
  3. check authorization_rule for correct entries
  4. clear var/cache folder
  5. clear browser cache

With the tables worse case scenario (to give you control back) and assuming you have at least one valid admin user with id 1 in admin_users truncate and insert the following into

authorization_role

'1','0','1','1','G','0','2','Administrators'
'2','1','2','0','U','1','2','admin'

authorization_rule

'1','1','Magento_Backend::all',NULL,'allow'
'2','2','Magento_Backend::all',NULL,'allow'

george-vlahakis picture george-vlahakis on 21 Jul 2017
🎉2

Any chance of porting this fix back to 2.2?

edit: nevermind, my issue was different

mattcoz picture mattcoz on 9 Nov 2017

Hi @engcom-backlog-nazar. Thank you for working on this issue.
Looks like this issue is already verified and confirmed. But if your want to validate it one more time, please, go though the following instruction:

  • [ ] 1. Add/Edit Component: XXXXX label(s) to the ticket, indicating the components it may be related to.

  • [ ] 2. Verify that the issue is reproducible on 2.3-develop branch

    Details- Add the comment @magento-engcom-team give me 2.3-develop instance to deploy test instance on Magento infrastructure.
    - If the issue is reproducible on 2.3-develop branch, please, add the label Reproduced on 2.3.x.
    - If the issue is not reproducible, add your comment that issue is not reproducible and close the issue and _stop verification process here_!

  • [ ] 3. Verify that the issue is reproducible on 2.2-develop branch.

    Details- Add the comment @magento-engcom-team give me 2.2-develop instance to deploy test instance on Magento infrastructure.
    - If the issue is reproducible on 2.2-develop branch, please add the label Reproduced on 2.2.x

  • [ ] 4. If the issue is not relevant or is not reproducible any more, feel free to close it.

magento-engcom-team picture magento-engcom-team on 14 Nov 2018

Hi @akai-z The issue was re-tested and we can confirm that it was fixed on the 2.3 release branch. We closing this issue as fixed due to upcoming 2.3 release that will be available soon.

ghost picture ghost on 14 Nov 2018

I had the same issue, but the only thing I need to have checked for the role is 'My account'

neuronylucian picture neuronylucian on 7 Sep 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

xi-ao picture xi-ao  路  3Comments
ostmond picture ostmond  路  3Comments
denis-g picture denis-g  路  3Comments
fvillata picture fvillata  路  3Comments
gg24 picture gg24  路  3Comments