profile
viewpoint

alyberty/syncthing-bar 4

A statusbar for syncthing on Mac OS X

alyberty/NotLinuxAjazzAK33RGB 0

Not a Linux utility for the AJAZZ AK33 RGB keyboard

alyberty/qspectrumanalyzer 0

Spectrum analyzer for multiple SDR platforms (PyQtGraph based GUI for soapy_power, hackrf_sweep, rtl_power, rx_power and other backends)

alyberty/RSBarcodes 0

1D and 2D barcodes scanner and generators for iOS7 with delightful controls.

alyberty/we-love-colors 0

PANTONE®, RAL®, Dulux®, Copic® and Prismacolor® color palettes for Scribus, GIMP & Inkscape, the Python way.

issue commentopendistro-for-elasticsearch/community

Login redirect loop when trying to access Kibana

For any future reference, the opendistro_security.cookie.secure option sets the secure flag on the cookies. If you access your kibana instance over http (not https), these cookies are not sent over the unsecured connection. In general the secure option prevents cookies from being sent over an unsecured connection.

Atreus-Technologies

comment created time in 16 days

issue commentether/etherpad-lite

Unable to Access Group(Private) Pad.

Thanks for the quick reply! The cherry pick 3886e95 didn't fix it, but your proposed change in #4357 did. Can be closed for me.

chetanmadaan

comment created time in a month

issue commentether/etherpad-lite

Unable to Access Group(Private) Pad.

I also observed this behavior after an upgrade to 1.8.6 (from something old). Any group pad results in "You do not have permission to access this pad". I also tried to disable the access restrictions to the pad (via setPublicStatus), which at least changes the behavior. After this, the pad is stuck at "Loading..." I also found these errors in the logs when trying to load the "public" group pad:

[ERROR]  console - (node:16329) UnhandledPromiseRejectionWarning: ReferenceError: sesionAuthorID is not defined
    at Object.exports.checkAccess (/[...]/src/node/db/SecurityManager.js:129:56)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async Socket.<anonymous> (/srv/www/htdocs/pad.fs.tum.de/src/node/handler/SocketIORouter.js:101:34)

[WARN] console - handleClientReady(): client submitted no author name. Using "Anonymous". See: issue #3612

I used this to set up the group etc.:

#!/bin/bash
host="https://[...]"
apikey="[...]"
apiversion="1"

authorName="tester"
validUntil=$(($(date +%s) + 10000))
padName="Test"
echo "validUntil ${validUntil}"

groupID=$(curl -s "${host}/api/${apiversion}/createGroup?apikey=${apikey}" | jq -r '.data.groupID')
authorID=$(curl -s "${host}/api/${apiversion}/createAuthorIfNotExistsFor?apikey=${apikey}&name=${authorName}" | jq -r '.data.authorID')
sessionID=$(curl -s "${host}/api/${apiversion}/createSession?apikey=${apikey}&groupID=${groupID}&authorID=${authorID}&validUntil=${validUntil}" | jq -r '.data.sessionID')

echo "Group   ID: ${groupID}"
echo "Author  ID: ${authorID}"
echo "Session ID: ${sessionID}"

padID="${groupID}\$${padName}" 
echo ${padID}

sessionInfo=$(curl -s "${host}/api/${apiversion}/getSessionInfo?apikey=${apikey}&sessionID=${sessionID}")
echo "SessionInfo: ${sessionInfo}" 
groupPad=$(curl -s "${host}/api/${apiversion}/createGroupPad?apikey=${apikey}&groupID=${groupID}&padName=${padName}" | jq -r '.message')
echo "Group  Pad: ${groupPad}"
padInfo=$(curl -s "${host}/api/${apiversion}/getPublicStatus?apikey=${apikey}&padID=${padID}")
echo "Pad Info: ${padInfo}"

#setPublic
padPublic=$(curl -s "${host}/api/${apiversion}/setPublicStatus?apikey=${apikey}&padID=${padID}&publicStatus=True")
echo "Pad public ${padPublic}"

I couldn't find an easy way with curl to check if the pad would load, so I tested this manually. I also tried setting the username with "userName=tester" as get parameter, but it didn't change anything. Also tried different api versions, but it didn't change anything.

I'm running on debian buster being an apache2 proxy (set up according to: https://github.com/ether/etherpad-lite/wiki/How-to-put-Etherpad-Lite-behind-a-reverse-Proxy), node v13.13.0 and mariadb. I also tried running the cleanRun, but to no avail.

To get back to a working state (allow all) I tried to debug the SecurityManager.js. It seems that sessionAuthorID is undefined when I try to access the pad.

chetanmadaan

comment created time in a month

more