I'm trying to set up a couple of users at my geeklog site so they can create new polls. So far I've been unsuccessful. I assigned the users to the Poll Admin group, and they are able to edit existing polls, but when they try to create a new poll, they get this error:

Edit Poll

Access Denied

You are trying to access a poll that you don't have rights to. This attempt has been logged. Please go back to the poll administration screen.

Edit Poll

Access Denied

You are trying to access a poll that you don't have rights to. This attempt has been logged. Please go back to the poll administration screen.

Yes, that error is repeated. It's nested, too. Any idea what's going on? I can add new polls from my user name, which is assigned to all groups (root as well.)

thanks,
jon

What rights does your Poll Admin group have for rights?

At the top of admin/poll.php there is a call to SEC_hasRights(). That will check if the user has the right(s) needed to access the poll admin page. In this case, you need to make sure your Poll Admin group has access to the poll.edit right (via the group admin screen). Without it , the user can't use the poll administration page.

-----
The reason people blame things on previous generations is that there's only one other choice.

---

The reason people blame things on previous generations is that there's only one other choice.

You problem is in editPoll in admin/poll.php

after the call to SEC_hasAccess() put this:

COM_errorLog('access is ' . \$access);

Then check to see what this prints in your error.log

-----
The reason people blame things on previous generations is that there's only one other choice.

---

The reason people blame things on previous generations is that there's only one other choice.

First, I had to remove the \ from that code, because it didn't work
otherwise. But, with

COM_errorLog('access is ' . $access);

I get:

03/06/02 15:14:26 - access is

This is with a brand-new user I created and assigned to the "Poll Admin"
group.

hmm, well, you'll have to debug why $access is empty. It should return something for you.

-----
The reason people blame things on previous generations is that there's only one other choice.

---

The reason people blame things on previous generations is that there's only one other choice.

This is really interesting ...

In SEC_hasAccess I put some COM_errorLogs to see what was going on.
When SEC_hasAccess gets called from anywhere except for poll_edit as
a user who belongs to the Poll Admin group, I see valid entries for $uid,
$group_id, $owner_id and $perm_members. In these instances,
SEC_hasAccess works properly.

When SEC_hasAccess gets called from poll_edit, however, I get a valid
$uid, but those three other variables are all blank. SEC_hasAccess
returns $perm_members, and since it is blank, the poll can't be edited.

I suspect this is because $qid is blank, and

SELECT * FROM pollquestions WHERE qid = '';

returns 0 records. Since $question consists of an empty recordset,
$perm_members and the other variables are also blank.

When I do this as root user, it always returns 3, because of that root
check at the top of SEC_hasAccess.