this is my last post for today :))

Just an idea:
Is it possible you have these "Access denied" issues in a following
scenario:
1) You have created rooms via Moodle plugin
2) Most probably have deleted some Rooms in the system
3) you did update OM via import/export
4) You successfully connected to Om and tried to enter the room created at
step #1 ?

The reason I'm asking: OM room IDs are being changed as a result of
import/export
While trying to enter the room with OLD id you will most probably get
"Access Denied"

Is this the case?


On Sun, 5 Apr 2020 at 23:15, Maxim Solodovnik <solomax...@gmail.com> wrote:

> Latest (unreleased) Moodle plugin is for M4 only
> This is why it doesn't work with M3
>
> Do you have reproducible steps?
> Client os/browser name/version?
> Is your issue browser dependent ?
>
> On Sun, Apr 5, 2020, 23:04 Zenon Panoussis <ora...@provocation.net> wrote:
>
>>
>>
>> > **DEBUG 04-05 14:37:46.297 o.a.o.d.u.AuthLevelUtil:40 [io-5443-exec-10]
>> - Level Admin :: [DENIED]*
>>
>> I am also struggling with "invalid hash" and I am seeing the same
>> thing:
>>
>> catalina.out:
>>
>> DEBUG 04-05 15:09:55.925 o.a.o.w.UserWebService:107 [apr-5443-exec-8] -
>> Login user
>> DEBUG 04-05 15:09:55.933 o.a.o.d.d.u.UserDao:623 [apr-5443-exec-8] -
>> login:: 1 users were found
>> DEBUG 04-05 15:09:56.986 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-8] -
>> Level Login :: [GRANTED]
>> DEBUG 04-05 15:09:56.987 o.a.o.d.d.u.UserDao:640 [apr-5443-exec-8] -
>> login user groups [GroupUser [id=1, moderator=false, group=Group [id=1,
>> name=www.uba.fi, deleted=false], user=User [id=1, firstname=OM,
>> lastname=Admin, login=[admin username], pictureuri=null, deleted=false,
>> languageId=8, address=Address [id=1, country=AR, street=null, town=null,
>> zip=null, deleted=false, email=[admin email], phone=null], externalId=null,
>> type=user]]]
>> DEBUG 04-05 15:09:56.996 o.a.o.d.d.s.SessiondataDao:78 [apr-5443-exec-8]
>> - create :: create
>> DEBUG 04-05 15:09:56.996 o.a.o.d.d.s.SessiondataDao:48 [apr-5443-exec-8]
>> - startsession :: startsession
>> DEBUG 04-05 15:09:57.007 o.a.o.w.UserWebService:114 [apr-5443-exec-8] -
>> Login user: 1
>> DEBUG 04-05 15:09:57.069 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-5] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:09:57.070 o.a.o.w.UserWebService:308 [apr-5443-exec-5] -
>> RemoteSessionObject [username=zenonp, firstname=Zenon, lastname=Panoussis,
>> pictureUrl=null, email=ora...@provocation.net, externalUserId=4,
>> externalUserType=moodle]
>> DEBUG 04-05 15:09:57.073 o.a.o.w.UserWebService:312 [apr-5443-exec-5] -
>> xmlString <remoteSessionObject>
>>    <username>zenonp</username>
>>    <firstname>Zenon</firstname>
>>    <lastname>Panoussis</lastname>
>>    <email>ora...@provocation.net</email>
>>    <externalUserId>4</externalUserId>
>>    <externalUserType>moodle</externalUserType>
>> </remoteSessionObject>
>> DEBUG 04-05 15:09:58.780 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-17] -
>> Level Admin :: [DENIED]
>> INFO  04-05 15:09:58.782 o.a.o.d.d.r.RoomDao:83 [pr-5443-exec-17] -
>> [get]: No room id given
>>
>> The moodle plugin is configured with
>> username: OM admin
>> password: OM admin password
>>
>> The moodle activity room was created by
>> username: zenonp
>> password: zenonp password
>>
>> That is a normal setup: zenonp is a teacher who must be able to
>> add and manage an OM room in his course, but should not have
>> administrator rights on the OM application itself.
>>
>> So, for this to work, (method 1) the plugin should use the OM admin
>> credentials to create the user zenonp, then create the new room as
>> owned by zenonp, then switch to the zenonp user so that the teacher
>> can get in the room.
>>
>> Or that (method 2) the plugin should use the OM admin credentials
>> to create the user zenonp, then switch to the zenonp user so that
>> the teacher can create the room and then get in it.
>>
>> What happened in reality is that the user zenonp was created in the
>> OM database (with an empty password, external_id 4 and om_user_right 2),
>> but the room was not created.
>>
>> Thus, so far it seems that method 2 is used and the problem occurs
>> after switching user. But why did user zenonp request level admin?
>> And why was a room id expected if the room was going to be created?
>>
>> openmeetings.log has more detail:
>>
>> DEBUG 04-05 15:09:57.073 o.a.o.w.UserWebService:312 [apr-5443-exec-5] -
>> xmlString <remoteSessionObject>
>>    <username>zenonp</username>
>>    <firstname>Zenon</firstname>
>>    <lastname>Panoussis</lastname>
>>    <email>ora...@provocation.net</email>
>>    <externalUserId>4</externalUserId>
>>    <externalUserType>moodle</externalUserType>
>> </remoteSessionObject>
>> DEBUG 04-05 15:09:58.780 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-17] -
>> Level Admin :: [DENIED]
>>  INFO 04-05 15:09:58.782 o.a.o.d.d.r.RoomDao:83 [pr-5443-exec-17] -
>> [get]: No room id given
>> DEBUG 04-05 15:17:18.268 o.a.o.s.q.s.ReminderJob:93 [Bean#0_Worker-6] -
>> Rss disabled by Admin
>> DEBUG 04-05 15:25:29.643 o.a.o.w.UserWebService:107 [pr-5443-exec-14] -
>> Login user
>> DEBUG 04-05 15:25:29.666 o.a.o.d.d.u.UserDao:623 [pr-5443-exec-14] -
>> login:: 1 users were found
>> DEBUG 04-05 15:25:30.752 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-14] -
>> Level Login :: [GRANTED]
>> DEBUG 04-05 15:25:30.761 o.a.o.d.d.u.UserDao:640 [pr-5443-exec-14] -
>> login user groups [GroupUser [id=1, moderator=false, group=Group [id=1,
>> name=www.uba.fi, deleted=false], user=User [id=1, firstname=OM,
>> lastname=Admin, login=[admin username], pictureuri=null, deleted=false,
>> languageId=8, address=Address [id=1, country=AR, street=null, town=null,
>> zip=null, deleted=false, email=[admin email], phone=null], externalId=null,
>> type=user]]]
>> DEBUG 04-05 15:25:30.793 o.a.o.d.d.s.SessiondataDao:78 [pr-5443-exec-14]
>> - create :: create
>> DEBUG 04-05 15:25:30.804 o.a.o.d.d.s.SessiondataDao:48 [pr-5443-exec-14]
>> - startsession :: startsession
>> DEBUG 04-05 15:25:30.817 o.a.o.w.UserWebService:114 [pr-5443-exec-14] -
>> Login user: 1
>> DEBUG 04-05 15:25:30.902 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-3] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:25:30.903 o.a.o.d.d.r.RecordingDao:81 [apr-5443-exec-3] -
>> getByExternalType :externalType: moodle
>> DEBUG 04-05 15:25:30.947 o.a.o.w.FileWebService:192 [apr-5443-exec-6] -
>> getAllExternal::externalType moodle
>> DEBUG 04-05 15:25:30.975 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-6] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:25:30.977 o.a.o.d.d.f.FileItemDao:125 [apr-5443-exec-6] -
>> get external started
>> DEBUG 04-05 15:25:31.084 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-19] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:25:31.085 o.a.o.d.d.r.RecordingDao:81 [pr-5443-exec-19] -
>> getByExternalType :externalType: moodle
>> DEBUG 04-05 15:25:31.112 o.a.o.w.FileWebService:192 [apr-5443-exec-5] -
>> getAllExternal::externalType moodle
>> DEBUG 04-05 15:25:31.124 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-5] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:25:31.125 o.a.o.d.d.f.FileItemDao:125 [apr-5443-exec-5] -
>> get external started
>> DEBUG 04-05 15:26:15.998 o.a.o.w.UserWebService:107 [pr-5443-exec-14] -
>> Login user
>> DEBUG 04-05 15:26:16.010 o.a.o.d.d.u.UserDao:623 [pr-5443-exec-14] -
>> login:: 1 users were found
>> DEBUG 04-05 15:26:17.040 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-14] -
>> Level Login :: [GRANTED]
>> DEBUG 04-05 15:26:17.042 o.a.o.d.d.u.UserDao:640 [pr-5443-exec-14] -
>> login user groups [GroupUser [id=1, moderator=false, group=Group [id=1,
>> name=www.uba.fi, deleted=false], user=User [id=1, firstname=OM,
>> lastname=Admin, login=[admin username], pictureuri=null, deleted=false,
>> languageId=8, address=Address [id=1, country=AR, street=null, town=null,
>> zip=null, deleted=false, email=[admin email], phone=null], externalId=null,
>> type=user]]]
>> DEBUG 04-05 15:26:17.051 o.a.o.d.d.s.SessiondataDao:78 [pr-5443-exec-14]
>> - create :: create
>> DEBUG 04-05 15:26:17.052 o.a.o.d.d.s.SessiondataDao:48 [pr-5443-exec-14]
>> - startsession :: startsession
>> DEBUG 04-05 15:26:17.061 o.a.o.w.UserWebService:114 [pr-5443-exec-14] -
>> Login user: 1
>> DEBUG 04-05 15:26:17.114 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-3] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:26:17.115 o.a.o.d.d.r.RecordingDao:81 [apr-5443-exec-3] -
>> getByExternalType :externalType: moodle
>> DEBUG 04-05 15:26:17.159 o.a.o.w.FileWebService:192 [apr-5443-exec-6] -
>> getAllExternal::externalType moodle
>> DEBUG 04-05 15:26:17.184 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-6] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:26:17.186 o.a.o.d.d.f.FileItemDao:125 [apr-5443-exec-6] -
>> get external started
>> DEBUG 04-05 15:26:17.284 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-19] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:26:17.285 o.a.o.d.d.r.RecordingDao:81 [pr-5443-exec-19] -
>> getByExternalType :externalType: moodle
>> DEBUG 04-05 15:26:17.312 o.a.o.w.FileWebService:192 [pr-5443-exec-20] -
>> getAllExternal::externalType moodle
>> DEBUG 04-05 15:26:17.328 o.a.o.d.u.AuthLevelUtil:40 [pr-5443-exec-20] -
>> Level Soap :: [GRANTED]
>> DEBUG 04-05 15:26:17.330 o.a.o.d.d.f.FileItemDao:125 [pr-5443-exec-20] -
>> get external started
>> DEBUG 04-05 15:26:17.405 o.a.o.w.UserWebService:107 [apr-5443-exec-2] -
>> Login user
>> DEBUG 04-05 15:26:17.411 o.a.o.d.d.u.UserDao:623 [apr-5443-exec-2] -
>> login:: 1 users were found
>> DEBUG 04-05 15:26:18.458 o.a.o.d.u.AuthLevelUtil:40 [apr-5443-exec-2] -
>> Level Login :: [GRANTED]
>> DEBUG 04-05 15:26:18.459 o.a.o.d.d.u.UserDao:640 [apr-5443-exec-2] -
>> login user groups [GroupUser [id=1, moderator=false, group=Group [id=1,
>> name=www.uba.fi, deleted=false], user=User [id=1, firstname=OM,
>> lastname=Admin, login=[admin username], pictureuri=null, deleted=false,
>> languageId=8, address=Address [id=1, country=AR, street=null, town=null,
>> zip=null, deleted=false, email=[admin email], phone=null], externalId=null,
>> type=user]]]
>> DEBUG 04-05 15:26:18.466 o.a.o.d.d.s.SessiondataDao:78 [apr-5443-exec-2]
>> - create :: create
>> DEBUG 04-05 15:26:18.467 o.a.o.d.d.s.SessiondataDao:48 [apr-5443-exec-2]
>> - startsession :: startsession
>> DEBUG 04-05 15:26:18.473 o.a.o.w.UserWebService:114 [apr-5443-exec-2] -
>> Login user: 1
>>  WARN 04-05 15:26:18.505 o.a.c.j.u.InjectionUtils:597 [pr-5443-exec-14] -
>> Instance of class org.apache.openmeetings.db.dto.room.RoomDTO can not be
>> created using static valueOf(String) or fromString(String) methods
>>  WARN 04-05 15:26:18.508 o.a.c.j.i.WebApplicationExceptionMapper:73
>> [pr-5443-exec-14] - javax.ws.rs.WebApplicationException: HTTP 400 Bad
>> Request
>>         at
>> org.apache.cxf.jaxrs.utils.InjectionUtils.evaluateFactoryMethods(InjectionUtils.java:600)
>>         at
>> org.apache.cxf.jaxrs.utils.InjectionUtils.handleParameter(InjectionUtils.java:506)
>>         at
>> org.apache.cxf.jaxrs.utils.InjectionUtils.createParameterObject(InjectionUtils.java:1064)
>>         at
>> org.apache.cxf.jaxrs.utils.JAXRSUtils.processFormParam(JAXRSUtils.java:1034)
>>         at
>> org.apache.cxf.jaxrs.utils.JAXRSUtils.createHttpParameterValue(JAXRSUtils.java:940)
>>         at
>> org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameter(JAXRSUtils.java:900)
>>         at
>> org.apache.cxf.jaxrs.utils.JAXRSUtils.processParameters(JAXRSUtils.java:829)
>>         at
>> org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.processRequest(JAXRSInInterceptor.java:214)
>>         at
>> org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor.handleMessage(JAXRSInInterceptor.java:78)
>>         at
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
>>         at
>> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
>>         at
>> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
>>         at
>> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
>>         at
>> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
>>         at
>> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
>>         at
>> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216)
>>         at
>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301)
>>         at
>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:220)
>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
>>         at
>> org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>         at
>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>         at
>> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:178)
>>         at
>> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:300)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
>>         at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
>>         at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
>>         at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
>>         at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:643)
>>         at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
>>         at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
>>         at
>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
>>         at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
>>         at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
>>         at
>> org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
>>         at
>> org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
>>         at
>> org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:860)
>>         at org.apache.tomcat.util.net
>> .AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:1992)
>>         at
>> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
>>         at
>> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
>>         at
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>         at java.base/java.lang.Thread.run(Thread.java:834)
>> Caused by: java.lang.IllegalArgumentException: No enum constant
>> org.apache.openmeetings.db.entity.room.Room.Type.CONFERENCE
>>
>> So it was actually OM admin that tried to create the room (method 1).
>>
>> Does this help pinpoint the problem? OM is 5.0.0.M3 and the plugin
>> is github commit 98c2a87.
>>
>> Cheers,
>>
>> Z
>>
>

-- 
Best regards,
Maxim

Reply via email to