CB Connect authorisedLevels

krileon wrote: Don't understand your quickfix, [...]

Forget about the earlier posted snippet. It was the wrong place to make changes to.

krileon wrote: [...] you're fixing Joomla which implies the bug is in Joomla and not the plugin it self [...]

I do not know where the bug is. What I know is that a login via Facebook Connect creates a JUser object with invalid _authLevels. Subsequent calls to JUser::getAuthorisedViewLevels() don't check for changed _authLevels since this only happens if( empty( $this->_authLevels ) ). Making $this->_authLevels = JAccess::getAuthorisedViewLevels($this->id); on 426 in joomla/user.php unconditional fixes things for me (with obvious performance penalties) for now.

krileon wrote: [...] which is very likely as issue wasn't seen until late J1.6 releases (earlier releases did not have this issue) and of course J1.7 release.

Well, since J's behaviour obviously changed from 1.6.x to 1.7.x I'd say it is a bug in Facebook Connect when used with 1.7.x.

krileon wrote: Please also hold the sarcasm;

Sorry. You named it: frustration.

I do not know where the bug is. What I know is that a login via Facebook Connect creates a JUser object with invalid _authLevels. Subsequent calls to JUser::getAuthorisedViewLevels() don't check for changed _authLevels since this only happens if( empty( $this->_authLevels ) ). Making $this->_authLevels = JAccess::getAuthorisedViewLevels($this->id); on 426 in joomla/user.php unconditional fixes things for me (with obvious performance penalties) for now.

I see, seams the creation process of a user isn't completed properly. Will be reviewing for next release to ensure usergroups are added correctly. It's likely due to only populating GID instead of also populating GIDS, which was implemented for J1.6/J1.7 usage. Will know more once I review.

Well, since J's behaviour obviously changed from 1.6.x to 1.7.x I'd say it is a bug in Facebook Connect when used with 1.7.x

Is not always the extensions fault, but is likely for this to be the case in this situation. None of them (FBC, TC, and CB Connect) have been upgraded to support J1.6/J1.7 ACL as of yet.

krileon wrote:

I do not know where the bug is. What I know is that a login via Facebook Connect creates a JUser object with invalid _authLevels. Subsequent calls to JUser::getAuthorisedViewLevels() don't check for changed _authLevels since this only happens if( empty( $this->_authLevels ) ). Making $this->_authLevels = JAccess::getAuthorisedViewLevels($this->id); on 426 in joomla/user.php unconditional fixes things for me (with obvious performance penalties) for now.

I see, seams the creation process of a user isn't completed properly. Will be reviewing for next release to ensure usergroups are added correctly. It's likely due to only populating GID instead of also populating GIDS, which was implemented for J1.6/J1.7 usage. Will know more once I review.

I'm looking forward to it!

krileon wrote:

Well, since J's behaviour obviously changed from 1.6.x to 1.7.x I'd say it is a bug in Facebook Connect when used with 1.7.x

Is not always the extensions fault, [...]

I'm not looking for a guilty party The only thing that matters to me right now is to have a workaround so I can move on digging code

You can try reviewing the source, locating the registration process, and populating the user object with GIDS instead of just GID. Example as follows.

$user->gids = array( $user->gid );

At any rate again will be reviewing shortly after GJ 2.4 stable release and be preparing new releases addressing J1.6/J1.7 issues.

krileon wrote: [...] populating the user object with GIDS instead of just GID.

Thanks for the pointer, I'll have a look.