[Flow] You are not allowed to perform this action
Mark Kuiphuis
mark at capesso.com.au
Fri Mar 6 00:36:56 CET 2015
It looks like I have an outdated Policy.yaml (including ACL's)....
I read here:
http://docs.typo3.org/flow/TYPO3FlowDocumentation/TheDefinitiveGuide/PartIII/Security.html
that I could run a ./flow core:migrate but the script tells me that my
working copy is dirty and therefore no changes are made....
(I'll keep investigating and see how I go)
Cheers, Mark
On 6/03/2015 6:44 am, Mark Kuiphuis wrote:
> Hi all,
>
> I just tried to upgrade our application (deployment with TYPO3.Surf).
> My composer.json was loading the latest version of TYPO3/Flow 2.3.* so
> automatically 2.3.2 was downloaded.
>
> After the deployment whenever I try to login to our application I get
> the following error:
>
> #1216919280: You are not allowed to perform this action.
>
> The full stacktrace does not refer to any of the files in one of our own
> packages which tends me to believe there is potentially a problem in
> TYPO3.Flow (but I could be totally wrong).
>
> The Exceptions.txt contains the following piece of code:
>
> ############
> Uncaught exception #1216919280 in line 69 of
> /var/www/applications/client/releases/20150306053852/Data/Temporary/Development/Cache/Code/Flow_Object_Classes/TYPO3_Flow_Security_Authorization_RequestFilter.php:
> You are not allowed to perform this action.
>
> 15
> TYPO3\Flow\Security\Authorization\Interceptor\AccessDeny_Original::invoke()
> 14
> TYPO3\Flow\Security\Authorization\RequestFilter_Original::filterRequest(TYPO3\Flow\Mvc\ActionRequest)
>
> 13
> TYPO3\Flow\Security\Authorization\FilterFirewall_Original::blockIllegalRequests(TYPO3\Flow\Mvc\ActionRequest)
>
> 12
> TYPO3\Flow\Security\Aspect\RequestDispatchingAspect_Original::blockIllegalRequestsAndForwardToAuthenticationEntryPoints(TYPO3\Flow\Aop\JoinPoint)
>
> 11 TYPO3\Flow\Aop\Advice\AroundAdvice::invoke(TYPO3\Flow\Aop\JoinPoint)
> 10 TYPO3\Flow\Aop\Advice\AdviceChain::proceed(TYPO3\Flow\Aop\JoinPoint)
> 9 TYPO3\Flow\Mvc\Dispatcher::dispatch(TYPO3\Flow\Mvc\ActionRequest,
> TYPO3\Flow\Http\Response)
> 8 call_user_func_array(array|2|, array|2|)
> 7
> TYPO3\Flow\Object\DependencyInjection\DependencyProxy::__call("dispatch", array|2|)
>
> 6
> TYPO3\Flow\Object\DependencyInjection\DependencyProxy::dispatch(TYPO3\Flow\Mvc\ActionRequest,
> TYPO3\Flow\Http\Response)
> 5
> TYPO3\Flow\Mvc\DispatchComponent_Original::handle(TYPO3\Flow\Http\Component\ComponentContext)
>
> 4
> TYPO3\Flow\Http\Component\ComponentChain_Original::handle(TYPO3\Flow\Http\Component\ComponentContext)
>
> 3
> TYPO3\Flow\Http\Component\ComponentChain_Original::handle(TYPO3\Flow\Http\Component\ComponentContext)
>
> 2 TYPO3\Flow\Http\RequestHandler::handleRequest()
> 1 TYPO3\Flow\Core\Bootstrap::run()
> ############
>
> After searching for this error code I changed the
> TYPO3.Flow.security.enable from TRUE to FALSE. Flushed the cache, warmed
> up the cache and now it allows me to login. But since we don't only use
> authentication, but also authorization (certain users don't have access
> to certain parts of the application) they now suddenly do, because of
> the FALSE value for TYPO3.Flow.security.enable
>
> Then my thought was that my Policy.yaml could potentially contain a bug,
> however running the command: ./flow configuration:show Policy (to make
> sure my rules which are defined in one package) did reveal all entries
> from our Policy.yaml
>
> Then the command: ./flow configuration:validate Policy returned that the
> Policy was valid.
>
> Then I redid the deployment, but now set the TYPO3 Flow version back to
> 2.3.1 in the composer.json and ran another deployment. Now the same
> error also appears on 2.3.1. (never did that before)
>
> Any ideas?
>
> The website runs on a Debian 7.8. machine with PHP Version:
> 5.4.38-1~dotdeb.1
>
> Thanks in advance,
>
> Mark Kuiphuis
More information about the Flow
mailing list