–Block– user role not blocking

  • Resolved geckonet

    (@geckonet)


    6 years, 11 months ago

    Hi Tom,

    Love your work, just can’t seem to get the role mapping to block users from logging in.
    We have 1.7.1 and WP 5.2.1

    We have set role mappings to the subscriber, Contributor and ‘–BLOCK–‘ roles. (Contributor is just there for testing purposes. We really only need subscribed and blocked)
    I’m not using the multiple roles setting for external login. Users can only have one role.

    I can create an user in the external database, login them in and see they are created with the role subscriber.
    I sign them out, change the role in the external database to ‘Contributor’ and when I log them back in I see their role in WP is updated to Contributor.
    I can repeat the process to change the back to subscriber.
    However when I try to change them to ‘—BLOCK—’ nothing happens. The user in wordpress is not updated. Their role remains the same and they still have access.

    I had expected the user in WP to be set to ‘no role for this site’ or made inactive but that’s not occurring.

    Please help!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author tbenyon

    (@tbenyon)

    6 years, 11 months ago

    Hey @geckonet,

    Thanks for the detailed posts.

    Just wanted to let you know I’m not ignoring you and am just struggling to find the time to properly look into this.

    I’m hoping to get this resolved this weekend.

    Will keep you posted but feel free to chase me on Monday if you haven’t heard back 🙂

    Tom

    Plugin Author tbenyon

    (@tbenyon)

    6 years, 11 months ago

    Hey @geckonet,

    I have just tested this and it is working completely as expected my end using 1.7.1 and 5.2.1.

    Once you change the setting in the plugin to make that user role blocked you should get an error next time you try to login that says “You are not allowed access”.

    In case you’re interested and technically minded you can see the logic for this feature in this file:
    login/authenticate.php

    
        $block_access_due_to_role = true;
        foreach ($roles as $role) {
            if ($role != EXLOG_ROLE_BLOCK_VALUE) {
                $block_access_due_to_role = false;
            }
        }

        // If a user was found
        if ($response) {

            // If role is blocking user access
            if ($block_access_due_to_role) {
                $user = new WP_Error('denied', __("You are not allowed access"));

    Are you sure you’ve written the role to be blocked in the same CaSe as it is in the database?

    To help you diagnose further you could modify the snippet of code I shared with you above to the following and then look at your php error logs to see what it is doing:

    

$roles = exlog_map_role($response['role']);


$block_access_due_to_role = true;

error_log('---------EXLOG: STARTING ROLE CHECKING---------');

error_log('---EXLOG: ROLES:');

error_log(var_export($roles, true));

foreach ($roles as $role) {

    error_log('-----EXLOG: ROLE:');

    error_log(var_export($role, true));

    error_log('-----EXLOG: CHECK:');

    error_log(var_export(EXLOG_ROLE_BLOCK_VALUE, true));

    error_log('-----EXLOG: ARE THEY NOT EQUAL?:');

    error_log(var_export($role != EXLOG_ROLE_BLOCK_VALUE, true));

    if ($role != EXLOG_ROLE_BLOCK_VALUE) {

        $block_access_due_to_role = false;

    }

}


error_log('-----EXLOG: FINAL - Should we block em?!');
error_log(var_export($block_access_due_to_role, true));
error_log('---------EXLOG: END ROLE CHECKING---------');

// If a user was found
if ($response) {

    This shows in my error logs when I do NOT have a blocked role set in the external database:

    

[15-Jun-2019 13:15:14 UTC] ---------EXLOG: STARTING ROLE CHECKING---------
[15-Jun-2019 13:15:14 UTC] ---EXLOG: ROLES:
[15-Jun-2019 13:15:14 UTC] array (
  0 => 'administrator',
)
[15-Jun-2019 13:15:14 UTC] -----EXLOG: ROLE:
[15-Jun-2019 13:15:14 UTC] 'administrator'
[15-Jun-2019 13:15:14 UTC] -----EXLOG: CHECK:
[15-Jun-2019 13:15:14 UTC] 'exlog_block'
[15-Jun-2019 13:15:14 UTC] -----EXLOG: ARE THEY NOT EQUAL?:
[15-Jun-2019 13:15:14 UTC] true
[15-Jun-2019 13:15:14 UTC] -----EXLOG: FINAL - Should we block em?!
[15-Jun-2019 13:15:14 UTC] false
[15-Jun-2019 13:15:14 UTC] ---------EXLOG: END ROLE CHECKING---------

    This shows in my error logs when I do NOT have a blocked role set in the external database:

    

[15-Jun-2019 13:17:02 UTC] ---------EXLOG: STARTING ROLE CHECKING---------
[15-Jun-2019 13:17:02 UTC] ---EXLOG: ROLES:
[15-Jun-2019 13:17:02 UTC] array (
  0 => 'exlog_block',
)
[15-Jun-2019 13:17:02 UTC] -----EXLOG: ROLE:
[15-Jun-2019 13:17:02 UTC] 'exlog_block'
[15-Jun-2019 13:17:02 UTC] -----EXLOG: CHECK:
[15-Jun-2019 13:17:02 UTC] 'exlog_block'
[15-Jun-2019 13:17:02 UTC] -----EXLOG: ARE THEY NOT EQUAL?:
[15-Jun-2019 13:17:02 UTC] false
[15-Jun-2019 13:17:02 UTC] -----EXLOG: FINAL - Should we block em?!
[15-Jun-2019 13:17:02 UTC] true
[15-Jun-2019 13:17:02 UTC] ---------EXLOG: END ROLE CHECKING---------

    Tom

    Thread Starter geckonet

    (@geckonet)

    6 years, 11 months ago

    Thanks Tom that is super helpful.
    I did have the role in my database and in the config in the same case.
    Your logging snippets should greatly help determine what is going on.

    Close this case for the time being and I will post later if I find an issue or get stuck.

    Plugin Author tbenyon

    (@tbenyon)

    6 years, 11 months ago

    Hey @geckonet,

    I’ll do as you recommend and close this for now.

    If you have any more issues just come back here and we’ll make this a live issue again.

    In the meantime, if you get a chance, I’d be REALLY grateful if you could write me a one line review.

    Thanks,

    Tom

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘–Block– user role not blocking’ is closed to new replies.

Tags