Forum OpenACS Q&A: member 0 shouldn't be part of Registered Users?

Collapse
1: member 0 shouldn't be part of Registered Users?
Posted by C. R. Oldham on 11/22/03 12:42 AM

Greetings,

We have a 4.6.2/Oracle site that was migrated from an old ACS 3.4.x site. I think I just found a quirk, but wanted to make sure before I correct it.

select * from group_member_map where member_id=0;

returns 

# GROUP_ID MEMBER_ID REL_ID CONTAINER_ID REL_TYPE      
= ======== ========= ====== ============ ==============
1 -2       0         158228 965          membership_rel
2 -1       0         5      -1           membership_rel
3 -1       0         158228 965          membership_rel
4 965      0         158228 965          membership_rel
5 1226     0         158228 965          membership_rel

That appears like an unregistered visitor (now user id 0--user id 0 used to be the system user) is a member of the Registered Users group as well as a couple of other groups that we have.

I think I want to remove this user from those groups, but just wanted to check and see if there was any reason why this might be.

Collapse
2: Re: member 0 shouldn't be part of Registered Users? (response to 1)
Posted by Don Baccus on 11/22/03 01:50 AM
I don't know how it got into the registered users group unless someone added it through the acs-subsite UI somehow (debatable) or did something else.

"The Public" consists of user 0 (party 0 in 4.6.2) UNION members of registered users.

With 5.0 we've made user 0 be a full user which means we can support "anonymous coward" style user input transparently by granting the right privileges on "The Public" ...

Anyway you should leave it in the "The Public" group, remove from the "Registered Users" group ...

Collapse
3: Re: member 0 shouldn't be part of Registered Users? (response to 1)
Posted by C. R. Oldham on 11/24/03 05:35 PM
I removed the "user" 0 from all groups but The Public and now anyone who tries to go to our website and is not logged in gets a redirect loop to /register.  Going directly to /register doesn't work either--same loop.

I recall people have similar problems when they remove the read privilege from The Public for the main site root.  However, that is not the case for us, The Public does have read on the root.

Suggestions on where else I could look are greatly appreciated.

It might help to know that we have a development site that we keep in pretty close sync with the main site that does not exhibit this problem--it did have "extra" privileges for the "user" 0 as well, and removing them there didn't break anything.

Collapse
4: Re: member 0 shouldn't be part of Registered Users? (response to 1)
Posted by Don Baccus on 11/24/03 07:18 PM
I think you're going to have to do some detailed ns_log tracing of exactly what's going on before we'll be able to help you.  Obviously something "interesting" has happened to your installation (user 0 being in Registered Users being one symptom!) ...

I can't think of anything off the top of my head, I think you're just going to have to squirm around in the sewage a bit to ferret this one out.

Collapse
5: Re: member 0 shouldn't be part of Registered Users? (response to 4)
Posted by C. R. Oldham on 11/24/03 07:25 PM
Yes, you're probably right.  I was kind of hoping someone else might have experienced something similar.  I have narrowed this down to the Registered Users group specifically, so at least I know it isn't something funny with one of our other groups.

When I re-add "user" 0 to Registered Users, things work again.  So something somewhere in our installation needs at least read permission for Registered Users.  I just have to figure out what that is, and also figure out why it is different between our main and dev servers.