I just installed a custom module in Odoo, and everything seems to be ok. But when I try to install other modules I receive the next error:
Sorry, you are not allowed to access this document. Please contact your system administrator if you think this is an error.
(Document model: ir.module.module.exclusion) - (Operation: read, User: 2)
I no longer have rights to install new modules
What is causing that error?
It seems like you don't have the right to access to the records of the models, try adding your user to the user groups provided by the module that have the right to access (setting -> users and companies) or become superuser.
Administration / Settings group users have all the permission (read, write, create, unlink) for ir.module.module.exclusion model. As you are trying to install apps, you are probably logged in as super user which has the group permission Administration / Settings. Probably the module you have installed is changing access right permission, you can look for base.access_ir_module_module_exclusion_group_system string in your custom modules code as that is the external id of the record for this particular model.
As per solution, you can go to Debug on Settings > Technical > Models > ir.module.module.exclusion, in form view go to access rights tab, edit and set all permission for Administration / Settings to checked, as Jorge suggested in the previous answer.
Related
SonarQube v5.2
I am trying to create a technical user (one that is authenticated locally and not against our LDAP). I have added a user name to the conf/sonar.properties file and restarted SonarQube. But, when I log in (as an administrator), the new user doesn't show up in the Administration | Security | Users list. We have two previously defined technical users (including admin) which do show up.
The admin guide doesn't say much http://docs.sonarqube.org/display/SONARQUBE52/Authentication.
Is there another step needed to create a technical user?
You need to manually create the user in SonarQube, it won't be automatically at startup.
Note that the SonarQube version you're using is no more supported, you should migrate to the latest LTS version 5.6.X => local users (previously known as technical users) are better managed :
- No more need to update sonar.properties
- You just have to create a user from the web server, this user will automatically be considered as a local user.
I've updated http://docs.sonarqube.org/display/SONAR/Authentication in order to remove the "Technical" word.
I am unable to create project in open shift. I created a project previously and deleted it. Looks like a project exists but unable to access or delete it. Seems like i am stuck. Also logging into the console https://console.preview.openshift.com/console/ doesn't show any existing projects.
I ran the following oc commands from the terminal.
Any suggestions on how to resolve this issue?
Thanks
XX:~ XX$ oc new-project test
Error from server: projectrequests "test" is forbidden: user XX cannot create more than 1 project(s).
XX:~ XX$ oc delete project test
Error from server: User "XX" cannot delete projects in project "test"
XX:~ XX$ oc status
Error from server: User "XX" cannot get projects in project "default"
XX:~ XX$ oc get projects
You need to give privileges/policies to your user which will allow the actions you want to perform.
If you are just in a proof-of-concept environment I would recommend the make your user cluster-admin in the whole cluster. This will give all the possible privileges to your user. Of course this in't recommended for every user in a 'real' environment.
First you need to authenticate with the 'default admin' which is created after the installation. This default admin-user isn't working with the normal user/password authentication. It's using a client certificate.
oc login -u system:admin --config=/etc/origin/master/admin.kubeconfig
Now you will see a list of the available projects (default, openshift management, etc). Now you're able to give cluster-roles to other users.
Make your user cluster-admin over the whole cluster
oadm policy add-cluster-role-to-user cluster-admin (youruser)
Now you have the cluster-admin privileges inside the whole cluster. You are also able to give privileges for some user in a specific project and not in the whole cluster. Than you have to use:
oadm policy add-role-to-user <role> <username> (in the current project)
This will give the role to a user, but only inside the project from where you've performed this command.
For more information about the avaiable cluster roles and policies I will point to the official documentation.
I raised a defect with Openshift Team as pointed out in the Support Link.
https://docs.openshift.com/online/getting_started/devpreview_faq.html#devpreview-faq-support
Here is the response i received from Support Team.
It seems that you have issued a bug and followed up for this already:
https://bugzilla.redhat.com/show_bug.cgi?id=1368862
After the cause is investigated, our operations team will sure clean up the project manually for you to allow you continue working with the developer preview
Latest update:
The project has now been cleaned up and you should be able to create a new project.
I am able to create Project in Openshift now.
I want to install a TeamCity BuildAgend as a user. When entering my user credentials here:
I always get this error:
NOTE: My account (user) is Administrator with full permission!
How can I do this?
The error message says it does not have "enough rights to run as a service",
this is slightly different from just being an administrator.
Go to Control Panel> Administrative Tools> Local Security Policy.
Select Local Policies> User Rights Assignment.
Scroll down through the list of policies and look for Log on as a service.
Add the account you're using to the list of accounts with this right.
That should in theory be all you need to allow the service to run under that user.
The best powershell command that I have found for this is:
Grant-Privilege -Identity $SERVICE_USERNAME -Privilege SeServiceLogonRight
Requires use of the Carbon framework.
I'm a Windows 10 Home user and the steps above did not work for me, but the following did:
Enable gpedit.msc by running the batch file as explained here under Method 1: https://www.askvg.com/how-to-enable-group-policy-editor-gpedit-msc-in-windows-7-home-premium-home-basic-and-starter-editions/
Run gpedit.msc
Go to Local Computer Policy / Computer Configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignment
Double-click Log on as a service
On the window that appears, click Add User or Group...
Enter your username and click the Check Names button
Your name will be modified, adding the machine name as the prefix. Click OK
Click OK on the Log on as a service Properties window to apply the change.
It is a little bit of a pain, but after doing that, I was able to continue installing TeamCity
I need to integrate my Pentaho Community dashboard report in a DotNet application. Now I am facing a problem.
I want the report to open on single click without the Pentaho server asking for authentication or log in. I tried to find out a solution and found that if I use userid and password in the url, it will work. So I did this
http://192.168.2.122:8085/pentaho/api/repos/:home:Time%20Sheet%20Reports:Project%20Effort%20Analysis%20Dashboard.wcdf/generatedContent&userid=admin&password=password
But this is not working for me and the browser is still asking for login credentials. I don't understand what went wrong.
Any help with the same will be most appreciated.
Thanks in advance.
Regards,
Ritesh.
You need the following user to be created under the Manage Users & Roles Perspective:
anonymousUser (notice the uppercase U)
You can give this user any password; this is only to make sure this user maps the user used in the configuration files inside pentaho-solutions/system
Make sure the Anonymous role has at least the Read Permission.
The Anonymous role should exist already in the BA Server (this is by default a system role in the Manage Users and Roles Perspective)
Under Public create a folder: in my case "OpenReports"
Select the "OpenReports" folder click properties > click Share > Uncheck > Inherits folder permissions
Make sure to add anonymousUser and role anonymous to it and they at least the Read permission
Click OK
Copy an Analyzer report to the new OpenReports folder
Verify the permissions for anonymousUser and Anonymous role were inherited; if not add them accordingly.
Stop BA Server
Locate the following file:
\pentaho\server\biserver-ee\pentaho-solutions\system\applicationContext-spring-security.xml
Add the following lines:
\A/i18n.*\Z=Anonymous,Authenticated
\A/js/utils.js\Z=Anonymous,Authenticated
\A/api/.*require-js-cfg.js\Z=Anonymous,Authenticated
\A/api/.*\Z=Anonymous,Authenticated
\A/api/repos.*\Z=Anonymous,Authenticated
\A/api/common-ui/resources/.*\Z=Anonymous,Authenticated
\A/api/common-ui/util/.*\Z=Anonymous,Authenticated
The following lines open the anonymous access to the OpenReports folder and its contents
\A/api/repos.*public.*openreports.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/viewer/.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/common-ui/.*\Z=Anonymous,Authenticated
\A/api/repos.*public.*openreports.*/common-ui/util/.*\Z=Anonymous,Authenticated
after:
\A/js/require-cfg.js\Z=Anonymous,Authenticated
and before:
\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated
Add the following lines: (these open the URL access to the Analyzer plugin)
\A/content/pentaho-cdf/.*\Z=Anonymous,Authenticated
\A/content/common-ui/.*\Z=Anonymous,Authenticated
\A/content/analyzer/.*\Z=Anonymous,Authenticated
\A/content/analyzer/scripts/.*\Z=Anonymous,Authenticated
Make sure to add these lines:
After:
\A/content/data-access/resources/gwt/.*css\Z=Anonymous,Authenticated
and before:
\A/webcontext.js.*\Z=Anonymous,Authenticated
Locate the following
Change the following lines from:
\A/api/.*\Z=Authenticated
\A/plugin/.*\Z=Authenticated
to:
\A/api/.*\Z=Anonymous,Authenticated
\A/plugin/.*\Z=Anonymous,Authenticated
Save the file
Restart your BA Server
You should be able to successfully call the report by URL without having to authenticate through the login page; here is a sample URL:
http://192.168.2.122:8085/pentaho/api/repos/:public:OpenReports:Leading%20Product%20Lines%20(pivot%20table).xanalyzer/editor
Here the simplest way to bypass the log in :
http://pedroalves-bi.blogspot.pt/2015/02/useful-tips-easy-authentication-in.html
it's work for me, i'm using pentaho 5.4
don't forget to create anonymousUser and in "system Roles" check only "Read Content".
if you use admin user and then you try to access http://localhost:8080/pentaho/Home
it will automaticly login because the browser still have session login.
sorry for my bad english,
The problem is as follows:
- I've got users defined on server A (domain controller),
- I've got SharePoint Farm installation on server B (fresh install)
After installation i have started the Profile Synchronization process, so i've got all the required users in sync. After i created a site i've assigned USER1 as its administrator / owner.
As i understand the USER1 user should have access to:
- site settings / permissions
- site content
Unfortunately i stuck with the situation where user can login on his my-domain\USER1 account, and he can access MOST of the pages. The rest:
example.net/ (http://example.net/default.aspx IS accessible)
example.net/test/ (http://example.net/test/SitePages/Home.aspx IS accessible)
example.net/test/SitePages/
causes re-authentication.
It is really easy to solve by adding users / group defined in PDC to local WSS_WPG group, but i don;t think this is the solution.
I will really appreciate your help !
The problem was in AD configuration.
Domain Users must have Bypass Traverse Checking enabled to avoid that issue.
For more information you can check following links:
http://technet.microsoft.com/en-us/library/cc787794%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/cc739389%28v=ws.10%29.aspx
www.windowsitpro.com/article/performance/how-to-use-the-bypass-traverse-checking-user-right