WeBWorK Main Forum

admin not authorized to create or delete courses

admin not authorized to create or delete courses

by Larry Riddle -
Number of replies: 6

We have a production server running 2.17 and a development server running 2.18. Both are virtual servers. The development server is working great, so to upgrade the production server we made a clone of the development server and replaced the production server with that clone. The courses directory and database from the production server were backup-ed in advance and then restored to the 2.18 version now running on the production server.

But now when I try to log in as admin, I get the message "You are not authorized to create or delete courses".

Any suggestions on how to get this issue resolved? I assume it might be some type of permission issue, but I don't know where to look. One thing I noticed is that when I uncompressed the courses directory (from the previous 2.17 production server), the permissions on courses (and all subdirectories) was shown as drwxrwxr-x, but on the 2.18 development server, the courses directory (and all subdirectories) are shown as drwxrwsr-x (with the "s" instead of "x" in the group section).

I guess I had this (possibly naive) hope that replacing the 2.17 server with a working 2.18 clone would be a quick way to upgrade the production server.

In reply to Larry Riddle

Re: admin not authorized to create or delete courses

by Glenn Rice -

That should work. Did you run the script to update the database for the admin course?

In reply to Glenn Rice

Re: admin not authorized to create or delete courses

by Larry Riddle -
Yes, with the response that the admin course was up to date.

I'm wondering if I need to fix the permissions on the courses directory and subdirectories, but if so, I'm not sure how to change the mode from x to s just for the directories and not all the files.
In reply to Larry Riddle

Re: admin not authorized to create or delete courses

by Larry Riddle -
If it is of any help, the following code appears near the beginning of the file /opt/webwork/webwork2/templates/ContentGenerator/CourseAdmin.html.ep

% unless ($authz->hasPermissions(param('user'), 'create_and_delete_courses')) {
<%= maketext('You are not authorized to create or delete courses.') %>
% last;
% }
In reply to Larry Riddle

Re: admin not authorized to create or delete courses

by Glenn Rice -
If you are able to sign in to the admin course, and you get the message "You are not authorized to create or delete courses", then your user is not an admin user. That has nothing to do with the permissions on the courses directory. Try adding another user to the admin course with the addadmin wwsh script. To use it run wwsh admin /opt/webwork/webwork2/bin/addadmin from the terminal. That assumes that you have /opt/webwork/webwork2/bin in your path. You do need to give the full path of the addadmin script in any case (or the relative path from the directory you are in). That also assumes that your admin course is named "admin". If you have changed the $admin_course_id to something else in site.conf, then change "admin" in the given command to what you have that set to. That will add an admin user to the admin course with the username "admin" and password "admin". Then you can look in the "Accounts Manager" and see what your user's permission level really is. You can also change it of course.
In reply to Glenn Rice

Re: admin not authorized to create or delete courses

by Larry Riddle -
Running the addadmin script produced the error message that the admin user already existed. So I created a modified addadmin script that used the username "admin2". That script ran fine and I was able to log in using the admin2 username. Checking the Classlist Editor showed that the original "admin" user's permission level was set to "professor". Changing that back to "admin" allowed me to then successfully log in using the original admin username and password with no error message anymore. So thank you very much, Glen, for directing me to the appropriate steps to resolve this. The help is greatly appreciated.

I am still curious, however, how the admin permission level got changed from "admin" to "professor" by this cloning procedure.

And now that the admin issue has been successfully resolved, do I still need to do something about the fact that the group setuid bit is not set (i.e. "s" vs. "x") for the courses directory and subdirectories as it was in the development server version of 2.18?
In reply to Larry Riddle

Re: admin not authorized to create or delete courses

by Glenn Rice -

Most likely the admin user had professor permissions before. The "cloning" procedure is unlikely to have changed that. Before 2.18 you could sign in with a professor user and see things. Although you still wouldn't have been able to create courses.  That is unless you customized permissions to allow a professor user to do so?

I would recommend leaving the permissions how they are. Those should work fine.