[Loris-dev] 500 after login
Dave MacFarlane
dave.macfarlane at mcin.ca
Fri Feb 12 15:59:08 EST 2021
Hi Alfredo,
The only place in the code I see that error message is in
modules/api/php/endpoints/candidate/visit/visit.class.inc. The code around
it is:
$centerid = array_search($visitinfo['Site'],
\Utility::getSiteList());
if (!in_array($centerid, $user->getCenterIDs())) {
return new \LORIS\Http\Response\JSON\Forbidden(
'You can`t create candidates visit for that site'
);
}
I don't see any way it would be possible to trigger that error if you've
given the user all sites.
If you have a dev or staging server where you could add debugging
statements could you (inside of the if statement) put:
var_dump($user->getCenterIDs());
var_dump($centerid);
var_dump($visitinfo);
var_dump(\Utility::getSiteList());
I think that would cover all the variables that have any affect on the
condition in order to trace where it's going wrong..
On Fri, Feb 12, 2021 at 1:11 PM Morales Pinzon, Alfredo <
AMORALESPINZON at bwh.harvard.edu> wrote:
> Dear LorisDev,
>
> I added all the sites for a user and gave all the permissions to that
> user, but still I cannot use the end-point “PUT
> /api/v0.0.3/candidates/{candidate}/{visitlabel}” with the following payload:
>
> ===
> {
> "CandID": "559153",
> "Visit": "w024",
> "Site": "111-RWA-1",
> "Battery": "Experimental",
> "Project": "ADVANCE_ATTAIN"
> }
> ===
>
> I am getting the following response:
>
> ===
> {
> "error": "You can`t create candidates visit for that site"
> }
> ===
>
> I don’t see any errors in apache.
> Any ideas?
>
> Best,
> Alfredo.
>
> On Feb 9, 2021, at 11:04 PM, Morales Pinzon, Alfredo <
> AMORALESPINZON at BWH.HARVARD.EDU> wrote:
>
> External Email - Use Caution
>
> Hi Dave,
>
> I am trying to give add more sites for a user but I’m getting the error in
> the image attached. I tried in a different user and I got the same error.
> This is the error log in loris-error.log:
>
> ===
> [Tue Feb 09 22:59:18.026223 2021] [php7:notice] [pid 21147] [client
> 216.15.126.108:59451] PHP Notice: Undefined index: active_to in
> /var/www/loris/modules/user_accounts/php/edit_user.class.inc on line 1259,
> referer:
> https://ipmsa-loris.bic.mni.mcgill.ca/user_accounts/edit_user/alfredouser
> <https://secure-web.cisco.com/1fjjftOD7JdgU6QEtxdFoyzwJXlYq944elQIMh_3h0e5Y0HeF1PoT4dv0KqQBcicpzA5MaH5gQ0m1FW-YrmvLHoIE88K5DhXonw3xk5ZzU_uhtrdkI0JSZ0mb3ZOXMfDhB_pEEG6767MV1x49pX6ju6jt84nM36tyrl0_OoQl2qld_OwxQRUUA3D52CNDX4sNSnSN5Oe97KpMVhzBi3u5CfpYuPj-Ljiz8eBorIj4I-E0CTu1ChjN0zCmHS7YgsAS9rGBJrEOE9TxZ0biFddcKA/https%3A%2F%2Fipmsa-loris.bic.mni.mcgill.ca%2Fuser_accounts%2Fedit_user%2Falfredouser>
> ===
>
> Any ideas?
>
> Best,
> Alfredo,.
>
> <Screen Shot 2021-02-09 at 11.00.44 PM.png>
>
> On Feb 8, 2021, at 4:02 PM, Dave MacFarlane <dave.macfarlane at mcin.ca>
> wrote:
>
> External Email - Use Caution
>
> Hi Sridar,
>
> Users in LORIS may be affiliated with multiple sites at once. If there's a
> single uploader the easiest is just to ensure that the account used for
> uploading is affiliated with all the sites in LORIS by selecting them all
> in the multi-select in the user management page. (Clicking on the first
> one, then scrolling down and clicking the last one while holding shift
> should select them all in most web browsers.)
>
> - Dave
>
> On Mon, Feb 8, 2021 at 3:31 PM Sridar Narayanan, Dr. <
> sridar.narayanan at mcgill.ca> wrote:
>
>> Hi Dave,
>>
>> While requiring comprehensive site uploader data makes sense in the
>> context of a prospective study where the sites are actually uploading data
>> directly, it doesn’t make much sense when data is being uploaded centrally,
>> either prospectively or retrospectively as in our case. Is there an option
>> to specify a single, centralized uploader for all sites?
>>
>> Thanks,
>>
>> Sridar
>>
>>
>> On Feb 8, 2021, at 2:37 PM, Dave MacFarlane <dave.macfarlane at mcin.ca>
>> wrote:
>>
>> Set the "Real_name" field in the user table for that user to a value
>> other than null (and maybe ensure no other users have null real names while
>> you're at it.. they would have the same problem logging in). I think that
>> any string value should fix the error that you posted.
>>
>> On Mon, Feb 8, 2021 at 2:33 PM Morales Pinzon, Alfredo <
>> AMORALESPINZON at bwh.harvard.edu> wrote:
>>
>>> Hi Dave,
>>>
>>> What is your suggestion to fix this?
>>>
>>> Best,
>>> Alfredo.
>>>
>>> On Feb 8, 2021, at 1:24 PM, Dave MacFarlane <dave.macfarlane at mcin.ca>
>>> wrote:
>>>
>>> External Email - Use Caution
>>>
>>> I don't think the Real_name field should be null. It's used for the name
>>> to display in the menu at the top of LORIS.
>>>
>>> (In my local database the column is non-nullable, but it seems that the
>>> default schema allows null.. I think the fact that it allowed you to insert
>>> a null value is a minor bug.)
>>>
>>> - Dave
>>>
>>>
>>> On Mon, Feb 8, 2021 at 1:07 PM Morales Pinzon, Alfredo <
>>> AMORALESPINZON at bwh.harvard.edu> wrote:
>>>
>>>> Dear LorisDev,
>>>>
>>>> I am getting a 500 error after login into LORIS. This is what I can see
>>>> in the logs:
>>>>
>>>> ===
>>>> [Mon Feb 08 12:57:54.559522 2021] [php7:error] [pid 8074] [client
>>>> 216.15.126.108:61071
>>>> <http://secure-web.cisco.com/1yyORuoeO9JxDA-IdiJYnWoKpPeOCoB_GC-bwmu-kKM0hweK4CWSEriGGX17eQ8Qq5nz4PPRg7R3MYEuJEIQ1HN01bBB6ZtcT0PcZpjpgMCm4yw-keQSOTQm7UYnGOOiDWbOzKlVrF4X1CyvYs3dwvgl8ZTqBBqwom6DVPTxrFrCBiDQPFG2wVI5CQ6-FmFg4RgFYYtKQ6MJC-ebrPkpxHNlL2iNIIYgeMOgR7dg_StpUuwxXqWRY8EKN93dnaKG3gFAwBzlBJ9eeQX2RGLbHUA/http%3A%2F%2F216.15.126.108%3A61071>]
>>>> PHP Fatal error: Uncaught TypeError: Return value of User::getFullname()
>>>> must be of the type string, null returned in
>>>> /var/www/loris/php/libraries/User.class.inc:236\nStack trace:\n#0
>>>> /var/www/loris/modules/dashboard/php/module.class.inc(118):
>>>> User->getFullname()\n#1
>>>> /var/www/loris/modules/dashboard/php/module.class.inc(57):
>>>> LORIS\\dashboard\\Module->_getWelcomeWidget(Object(Database),
>>>> Object(NDB_Config), Object(User))\n#2
>>>> /var/www/loris/modules/dashboard/php/dashboard.class.inc(75):
>>>> LORIS\\dashboard\\Module->getWidgets('dashboard', Object(User), Array)\n#3
>>>> /var/www/loris/php/libraries/Module.class.inc(275):
>>>> LORIS\\dashboard\\Dashboard->__construct(Object(LORIS\\dashboard\\Module),
>>>> 'dashboard', '', '', 'dashboard')\n#4
>>>> /var/www/loris/php/libraries/Module.class.inc(342):
>>>> Module->loadPage('dashboard')\n#5
>>>> /var/www/loris/src/Middleware/ResponseGenerator.php(50):
>>>> Module->handle(Object(Laminas\\Diactoros\\ServerRequest))\n#6
>>>> /var/www/loris/src/Middleware/AuthMiddleware.php(63):
>>>> LORIS\\Middleware\\ResponseGenerator->process(Object(Laminas\\Diactoros\\Se
>>>> in /var/www/loris/php/libraries/User.class.inc on line 236
>>>> ===
>>>>
>>>> Perhaps it is an issue with the name of the user? I created hundreds of
>>>> users for batch insertion of candidates and visits for previous versions of
>>>> LORIS that required insertion of Candidates and Visits by users belonging
>>>> to a given center.
>>>>
>>>> This is an entry in the users table without the hashed password:
>>>>
>>>> ===
>>>> *************************** 850. row ***************************
>>>> ID: 850
>>>> UserID: 723-DKC-1_dataman
>>>> Password: NULL
>>>> Real_name: NULL
>>>> First_name: NULL
>>>> Last_name: NULL
>>>> Degree: NULL
>>>> Position_title: NULL
>>>> Institution: NULL
>>>> Department: NULL
>>>> Address: NULL
>>>> City: NULL
>>>> State: NULL
>>>> Zip_code: NULL
>>>> Country: NULL
>>>> Phone: NULL
>>>> Fax: NULL
>>>> Email: 723-DKC-1_dataman at ipmsa.com
>>>> <723-DKC-1_dataman at ipmsa.com>
>>>> Privilege: 0
>>>> PSCPI: N
>>>> DBAccess:
>>>> Active: Y
>>>> Password_hash: /REMOVED/
>>>> Password_expiry: 2035-01-01
>>>> Pending_approval: N
>>>> Doc_Repo_Notifications: N
>>>> language_preference: NULL
>>>> active_from: NULL
>>>> active_to: NULL
>>>> ===
>>>>
>>>> Best,
>>>> Alfredo.
>>>> The information in this e-mail is intended only for the person to whom
>>>> it is addressed. If you believe this e-mail was sent to you in error and
>>>> the e-mail contains patient information, please contact the Mass General
>>>> Brigham Compliance HelpLine at
>>>> http://www.massgeneralbrigham.org/complianceline
>>>> <http://secure-web.cisco.com/1mpsSvwo8y-cQVgPzryfWrMGrwgyJRuBZ21l3OpfPidIIOGkJJP5M-dA79KxrAs8inL2wDNKKwu_7FhZUrX1B9jZN_ESfEAND5f7ouFz36SxeVJtmLYqIy1_s5VhkkRuoHuptM3Uh1sF78u_V56JHmBd_-oG0pUY46rhlI4D5gs24UyDJj-bZy2iQgX7qpfPI2maK5TTtXgqHCQvlSfhPSJVo58wWwaeXZEJ7P8BJ4biZGLOYTiIwB5eSN4T8a77Dg2hjPsDH4rvouJJAf5F3Jg/http%3A%2F%2Fwww.massgeneralbrigham.org%2Fcomplianceline>
>>>> . If the e-mail was sent to you in error but does not contain patient
>>>> information, please contact the sender and properly dispose of the e-mail.
>>>> _______________________________________________
>>>> Loris-dev mailing list
>>>> Loris-dev at bic.mni.mcgill.ca
>>>> https://mailman.bic.mni.mcgill.ca/mailman/listinfo/loris-dev
>>>> <https://secure-web.cisco.com/1YVFggw7EgDexlyx8pzmXliYExDI_SUGOOLhxJeHrfWOj50RAafEI5uGOBNyI4CRn6B4sl6vqQyDz_mgNWYCDYnu7_rYAr4EnOj5g3g6Mf5KG8H4DWL7T9BvF-_0IGFgWZzXI3mjSKHk4ri4vhgIO19lTq1AABOiJMRT7HnHR33sn1YMzq9tVjrXyWr6Vw50EHfrHJr8TIMegfBktpLydEls9DCJ25ZiMU7sZJSnI0U-l7LBWJh2cKMHDKIfcbAg32FpB12zUC9HPZ1jO0GtneA/https%3A%2F%2Fmailman.bic.mni.mcgill.ca%2Fmailman%2Flistinfo%2Floris-dev>
>>>
>>>
>>> The information in this e-mail is intended only for the person to whom
>>> it is addressed. If you believe this e-mail was sent to you in error and
>>> the e-mail contains patient information, please contact the Mass General
>>> Brigham Compliance HelpLine at
>>> http://www.massgeneralbrigham.org/complianceline
>>> <http://secure-web.cisco.com/1wSj8vAv0Td5WK_KOkBSb0ng1Vs3CIAQI_yrm5rtdvRGk4r-PzYAuxt3LWub6qIceFgz-9ZnpDHl3ZxB5EdexVfEW8FOCPWtJOdXUMlvMcAlj-VZsKTHqOE8oNiXoTDH0pKG_xpMT8yxqBlhqlnxYJgUXosatclyKt6owrZVI4x_m8R5gtF35r9lybdLXsvns5M3qfhuAmauqNRuceGhmEV7AmKUZiFaW9Lofx7RfS9h4Gw93_DhYch1KYQTU_-JtqZXt8tO3iHtDOUjVniFmSA/http%3A%2F%2Fwww.massgeneralbrigham.org%2Fcomplianceline>
>>> . If the e-mail was sent to you in error but does not contain patient
>>> information, please contact the sender and properly dispose of the e-mail.
>>>
>>
>>
> The information in this e-mail is intended only for the person to whom it
> is addressed. If you believe this e-mail was sent to you in error and the
> e-mail contains patient information, please contact the Mass General
> Brigham Compliance HelpLine at
> http://www.massgeneralbrigham.org/complianceline . If the e-mail was sent
> to you in error but does not contain patient information, please contact
> the sender and properly dispose of the e-mail.
> _______________________________________________
> Loris-dev mailing list
> Loris-dev at bic.mni.mcgill.ca
>
> https://secure-web.cisco.com/1-zL4DlVdDgIpuP-wmX2G-_BmTOEoFKnRRdZt9lD0LaePFAD5YNdPkfKUs2HN3qJbIDG6ENFBb5A1eA5UrlUr8mIeZTxSKQoxNlr5INLM454I7Pt1yZ5NeChKafwZ4ofTxasbruAKIKuoyCewU2N79yOuXpOh8u2HMDTW23OLP_KP5XdVthRSNY4opuKoWoI791SsnNNzh0MruQqFELfEAaKQ5JY0F-i51qEWUhIHD7buHnWpE-XwMDoxW5tAzkStaaoqzRYXnrSlP2Ff3z8iGQ/https%3A%2F%2Fmailman.bic.mni.mcgill.ca%2Fmailman%2Flistinfo%2Floris-dev
>
>
> The information in this e-mail is intended only for the person to whom it
> is addressed. If you believe this e-mail was sent to you in error and the
> e-mail contains patient information, please contact the Mass General
> Brigham Compliance HelpLine at
> http://www.massgeneralbrigham.org/complianceline . If the e-mail was sent
> to you in error but does not contain patient information, please contact
> the sender and properly dispose of the e-mail.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.bic.mni.mcgill.ca/pipermail/loris-dev/attachments/20210212/eda724f6/attachment-0001.html>
More information about the Loris-dev
mailing list