WP3.3 Login/Cookie/Permissions Issues - Could be DM Plugin

Hi,

I'm posting this in the Domain Mapping plugin area as the issues are possibly connected - though I am more than happy to stand corrected as it's doing my head in!

Upgraded to WP3.3 and a bunch of compatibility updates (Marketpress etc.) - had database and file backups so went into it confident of being able to roll back.

Everything seemed to go fine - main site and a couple of client sites all looked to be working no problem. Then I got a report that when signing in, a user was seeing "You do not have sufficient permissions to access this page".

Been investigating and the situation is actually a bit bizarre - seems like it could be cross-domain cookie related, hence thinking of the DM plugin.

1. Super Admin no longer has automatic access to sub-sites.

Previously, if I was logged into the main site as the super admin user and then browsed to a sub-site, the Buddpypress bar would be shown and I could access the sub-site Dashboard as the Super Admin

Now I log into the main site (wahmboozle.com.au) and when I hit a sub-site (e.g. outbackaromas.com) I do not appear to be logged in there

2. If I log into the sub-site using the Super Admin credentials, I get into the sub-site dashboard no problem at all. I am not automatically logged into the main site though.

3. If I log into the sub-site using the client's credentials (normal Admin user) I am logged in (if I view the public site, the nav bar is shown) however when trying to access the Dashboard I see the message "You do not have sufficient permissions to access this page"

As mentioned, this is multisite, WP 3.3, Domain Mapping (latest), Buddypress 1.5.2, Marketpress and a few other plugins.

Has this been raised by anyone else, or am I in for a lengthy process of activating and deactivating plugins to see which one is preventing the cross-domain cookie updates (or whatever is going on!)

cheers
Gary

  • Philip John

    Hiya!

    1. Domain mapping has never been able to do cross-domain cookies so it's like that you were able to switch between dashboards because WordPress remembered you on each domain individually. The cookies would have been reset when you upgraded to v3.3

    2. What do you see in the URL when you go to a sub-site dashboard - the mapped domain, or original (network) domain?

    3. Have you cleared all cookies, or tried in different browsers?

    I've not heard of this yet and it definitely sounds cookie related so probably just a case of flushing out any caches.

    Thanks,
    Phil

  • Gary

    Hi Phil,

    1. Never been able to do cross-domain cookies? That's not what the info on the plugin page says, surely?

    "we've built in cross domain cookie syncing, so your users will stay logged in (or out) regardless of whether they are on your standard domain or their custom one."

    2. When I go to the sub-site dashboard it uses the mapped domain - that's as expected because that's how the Admin setting is configured.

    Have tried different browsers, machines - cleared cookies etc.

    The more I think about it - I don't know if the permissions issue is part of this cross-domain / domain mapping stuff. Will soon know, as soon as the domain-related issues are sorted!

    cheers
    Gary

  • Gary

    Quick update one one issue so that others may benefit AND so you guys aren't chasing shadows...

    After spending a bit of time pulling my hair out, Googling various permutations of the error message etc. I have now found and fixed the cause of the "You do not have sufficient permissions to access this page" message.

    The big clue came from a WPMUDev forum post, and a solution was found soon afterwards.

    https://premium.wpmudev.org/forums/topic/missing-roles-in-drop-downs-for-add-new-users#post-34962

    http://wordpress.stackexchange.com/questions/11725/help-why-my-roles-are-not-showing-multi-site-network

    The wp_##_user_roles setting was missing from every blog in my database - undoubtedly because they were created using the WPMUDev template plugin, and the template blog has no wp_##_user_roles setting somehow - probably stems back to some early stuff ups on my part.

    The confusing thing is that it was working fine prior to the 3.3 upgrade cycle - so I suspect the previous version had somehow worked due to an "undocumented feature" :slight_smile:

    If that's the case then the new version of the core and plugins work correctly, exposing my configuration issues. I'm going to take a peek at an old db backup when I get a chance, just to confirm the settings have always been missing (as opposed to mysteriously disappearing with the 3.3. upgrade).

    This simplifies the situation report - forget about the permissions issue, the problem now boils down to logins not working cross-domain for mapped domains despite the plugin documentation clearly saying they should.

    1 small step forward anyway :slight_smile:

  • Gary

    May not be an issue in NBT - it might simply be replicating "bad" settings faithfully in true GIGO style.

    If cross-domain cookies were supported, why no longer? Plugin info needs changing to reflect that, however it does raise some issues. Using Marketpress, Buddypress, Multisite and domain mapping, how can customers of sub-site stores register for that sub-site? Indeed, how could they even simply become subscribers?

    1. The signup URL on customdomain.com redirects to BP maindomain.com/register
    2. The "customer" becomes a member of the main site
    3. Their cookie would not be recognised on customdomain.com :slight_frown:

    The "customer" would never be able to join customdomain.com, which effectively cuts out the type of usage that would undoubtedly be expected by sub-site owners, and makes the most sense to me!

    Would deactivating Buddypress allow user registration at sub-site level - i.e. customdomain.com/wp-signup.php - to work? I think I'd rather lose the social network community aspects than signups for sub-site custom domains.

    Any plans to re-add the cross-domain cookie support?

    cheers

  • Gary

    OK Phil, you finally won me over :slight_smile:

    If the customer gets sent to the main site to register, clicks the activation link that is sent etc. etc. they can then log into ANY sub-site at the checkout stage.

    So it's a process/model that can work I think, provided it's explained. The plugin info had set me thinking in one particular way, so thanks for taking the time to (eventually) get my thinking re-aligned lol.

    On the plus side, it exposes sub-site customers to the main site and community, which in this instance should be a good thing for all concerned.

    Marked as resolved. Now I just need to figure out the best way to provide shoppers with registration links.

    cheers