Toolbar links to wrong user's dashboard

Created on 9 January 2023, almost 2 years ago
Updated 22 August 2023, over 1 year ago

Problem/Motivation

when I click the “moderation dashboard” it seems to be linking to someone else’s UserID:
example – I masqueraded as user A who has a userID of 1566. But when I hover over the “Moderation Dashboard” link, I can see it’s pointing to /user/3636/moderation-dashboard:

So, it shows an “Access Denied” error since that’s the wrong userID.

It might be cache related. I flushed the cache and it helped with one user but not others.

Steps to reproduce

Use Masquerade module
Masquerade to different user
Click on Moderation Dashboard, you will see in URL user id is different

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report
Status

Fixed

Version

2.1

Component

Code

Created by

🇮🇳India shani maurya Mumbai

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • 🇺🇸United States smustgrave

    Don't know if they're related but does 🐛 Access check fails on user profile page Fixed solve this by chance?

  • Status changed to Postponed: needs info over 1 year ago
  • 🇺🇸United States smustgrave

    For the answer in #6

  • Status changed to Active over 1 year ago
  • 🇺🇸United States bluegeek9

    I think I ran into the same problem. My users have reported the link to the moderation dashboard takes them to the wrong page. I had trouble reproducing the issue, but I say a user experiencing the problem.

    I believe it is a problem with the cache. The users having the issue all have the same permissions.

             '#cache' => [
               'contexts' => ['user.permissions'],
            ]
    

    I think this will fix the problem; every user has a different user id. I will report back what I find.

             '#cache' => [
               'contexts' => ['user'],
            ]
    
  • 🇺🇸United States bluegeek9

    Patch.

  • Open in Jenkins → Open on Drupal.org →
    Core: 9.5.x + Environment: PHP 8.1 & MySQL 8
    last update over 1 year ago
    14 pass
  • Status changed to Needs review over 1 year ago
  • Open on Drupal.org →
    Core: 10.0.7 + Environment: PHP 8.1 & MySQL 5.7
    last update over 1 year ago
    Waiting for branch to pass
  • @bluegeek9 opened merge request.
  • 🇮🇳India sahil.goyal

    I masqueraded as a different user and attempted to access the Moderation Dashboard. I noticed that it correctly directed me to the appropriate URL and displayed the correct user's information. I did not encounter any "Permission denied" errors during this process.
    For example, when I masqueraded as user/2 and clicked on the Moderation Dashboard link, I was redirected to the URL /user/2/moderation-dashboard. I conducted these tests using the Moderation Dashboard version 2.1.1 in Drupal version 10.1.x-dev.
    Based on my observations, it seems that the reported issue is not reproducible with the given configuration and steps.
    If encounter any specific scenarios or steps that consistently lead to the "Permission denied" error, please provide additional details.

    • bluegeek9 authored 0b4f63d6 on 2.0.x
      Issue #3331940 by Shani Maurya: URL gets random user id after user is...
  • Status changed to Fixed over 1 year ago
  • Automatically closed - issue fixed for 2 weeks with no activity.

Production build 0.71.5 2024