|
Ben
|
July 2, 2020 at 10:01 am
Hi,
The Event Administrator role is not working with the iOS App to check attendees in, on a Staging Site, after it was not working on the LIVE Site.
Getting the error – “Registration is Denied!”
The event administrator role is showing all of the 159 capabilities granted by default and the 1 deny for the Edit Dashboard.
Rest API is not disabled, & XML-RPC is enabled and allowed.
There is no caching at the Server Level, or on the Site.
I’ve viewed – https://eventespresso.com/wiki/ee4-event-apps/#troubleshooting
but nothing matches the error that we’re getting.
It was originally working on the first staging site, but not on the LIVE site.
Any ideas please?
Thanks
Ben
|
|
Tony
|
July 2, 2020 at 11:17 am
Hi Ben,
What steps are you taking in the app?
How are you trying to check-in the registration?
If you add the WP REST API log plugin, try to check the registrant in and then view the request sent by the app in the logs, does it show any errors?
|
|
Ben
|
July 2, 2020 at 1:16 pm
Thanks Tony,
– What steps are you taking in the app?
Logging into the App with the Event Administrator credentials using the Application Password that has been created for the specific Event Organizer.
Tapping the barcode scanner in the top right, and scanning the QR code from a ticket on the screen, which has been produced from a real registration.
After scan, error is showing ‘Registration is Denied’.
I’ve also tried tapping on the specific event, and then scanning, but doesn’t make any difference.
– If you add the WP REST API log plugin, try to check the registrant in and then view the request sent by the app in the logs, does it show any errors?
No errors, but no log at all.
This means the REST API is still not working, right?
Thanks.
|
|
Tony
|
July 2, 2020 at 2:33 pm
Go to {domain}/wp-json/ on your site, what do you see?
After its loaded, go to the Rest Log again, do you see any entries?
|
|
Tony
|
July 2, 2020 at 2:34 pm
Which site is it? I’ll take a look if you can post the URL.
You can set your reply to private if preferred.
|
|
Ben
|
July 3, 2020 at 3:04 am
This reply has been marked as private.
|
|
Tony
|
July 3, 2020 at 9:48 am
Hmm, so your REST API is working fine but if you’re not getting a log entry from the app I’m guessing something is blocking the request.
Can you send me the login details so I can test the above and capture the requests sent? If so you can use this form:
https://eventespresso.com/send-login-details/
Note I don’t actually own an Apple device to test iOS with but I can check with android, if I can’t see the issue with that I’ll ask another member of the team to test.
|
|
Ben
|
July 3, 2020 at 10:01 am
Thanks Tony,
The details have been provided, as requested.
That’s exactly why I can’t figure out what is causing the block.
I thought it was the security tool first, but even after deactivated, still no difference.
If you need anything else from me, please let me know.
Thanks.
|
|
Tony
|
July 3, 2020 at 10:49 am
Ok, can you provide more details on this:
The Event Administrator role is not working with the iOS App to check attendees in, on a Staging Site, after it was not working on the LIVE Site.
You’ve put ‘after’ it was not working on Live, so it works on Live now? What changes to make it work on Live?
So right now looking at the request, I’m guessing the problem is the Event Admin role works for accounts on Live, but not accounts on Staging, is that correct?
|
|
Ben
|
July 3, 2020 at 10:59 am
You’ve put ‘after’ it was not working on Live, so it works on Live now?
No, we haven’t tested again on the LIVE site, and the Events Administrator role on the LIVE site, has less capabilities applied to it, and doesn’t work with the App to checkin attendees.
The testing site has the default 159 capabilities for the Event Administrator role, and still doesn’t work with the App to checkin.
The events were appearing correctly for the appropriate Event Administrator that has been added to the Author of the Event.
I was hoping to get the capabilities set right on the testing site, then just update them on the LIVE site to get it working, but that doesn’t appear to be the case with the App.
So right now looking at the request, I’m guessing the problem is the Event Admin role works for accounts on Live, but not accounts on Staging, is that correct?
No, we need to get the App working to Checkin attendees on the staging site first, and then transfer those updates to the LIVE site please.
Thanks.
|
|
Tony
|
July 3, 2020 at 11:57 am
Ok, so the problem is your site is directing the REST requests to the live domain.
In the app, you set a domain and the app sends a request off to that domain to query for the REST API endpoint, well, there’s actually a few requests, first to check if HTTPS connections are valid on your domain, another to log in and then another to find the endpoint mentioned.
But the point being the app is checking for connectivity and then finding the REST API endpoint from the headers available on your site (we do this because the endpoint is filterable, meaning /wp-json/ can be changed to anything and we need to know what this is for the app to function).
On your site the REST API endpoint set in the header returns your live domain, so after checking for connectivity, logging in and requesting the REST URL all subsequent requests use the whatever URL your server provided, meaning they are all going to the live domain.
I’ll post a screenshot of the captured requests in a private reply after this but this must be down to the staging site config, the value used in that header is based on ou Home URL setting in Dashboard -> Settings -> General (note this is all a WP core feature, not an EE feature).
I’m guessing your home URL is set to the live domain in staging?
|
|
Tony
|
July 3, 2020 at 11:57 am
This reply has been marked as private.
|
|
Ben
|
July 6, 2020 at 4:19 am
This reply has been marked as private.
|
|
Ben
|
July 6, 2020 at 4:20 am
This reply has been marked as private.
|
|
Ben
|
July 6, 2020 at 4:21 am
This reply has been marked as private.
|
|
Ben
|
July 6, 2020 at 4:29 am
This reply has been marked as private.
|
|
Ben
|
July 6, 2020 at 4:46 am
This reply has been marked as private.
|
|
Ben
|
July 7, 2020 at 5:02 am
This reply has been marked as private.
|
|
Ben
|
July 7, 2020 at 5:03 am
This reply has been marked as private.
|
|
Tony
|
July 7, 2020 at 7:36 am
The default capabilities for the Event Administrator role should work as is (and do on m test sites), so confirm the account has all of the default capabilities, which can be found here:
https://github.com/eventespresso/event-espresso-core/blob/59d5e3886e6506ba986fbc7fa6b51ed7b7f45023/core/EE_Capabilities.core.php#L465
The ‘Events Administrator’ role is the ee_events_administrator.
The response body is missing too much info to be useful but based on my previous emails with James I’m guessing that within that response Ticket returns null, meaning the account doesn’t have access to either the ticket linked to that registration or the price linked to the ticket.
My guess is the account is missing one of these:
'ee_read_default_tickets',
'ee_read_others_default_tickets',
'ee_read_default_prices',
'ee_read_default_price_types',
To include the response here you would need to host the JSON file and post a link to it, or send it via email.
|
|
Ben
|
July 7, 2020 at 9:10 am
This reply has been marked as private.
|
|
Tony
|
July 7, 2020 at 9:52 am
That’s not the same response I saw previously, the ticket value is now not null so something has changed here.
Is this using the same login details you provided previously? IIRC those were for your staging site, the above is on the Live site, so I’d like to test this and capture the requests.
|
|
Ben
|
July 7, 2020 at 10:20 am
This reply has been marked as private.
|
|
Tony
|
July 7, 2020 at 11:00 am
It’s an iOS specific issue, Android works fine but iOS fails.
The requests sent from both are slightly different so it is likely a capabilities issue as the iOS apps are requesting more details than the Android app.
For the links you provided above, what’s the route/title (on the main REST log list table they call it title)?
|
|
Tony
|
July 7, 2020 at 11:04 am
The frustrating part is, Event Admin on another test site works with iOS so it’s something specific with your set up.
|
|
Ben
|
July 7, 2020 at 11:57 am
This reply has been marked as private.
|
|
Tony
|
July 7, 2020 at 2:51 pm
The apps use the REST API and not XML-RPC to communicate with the site, you are free to disable XML-RPC.
I found that the Android app also started showing me ‘Registration is denied’ but only after the initial scan. If I registered onto the test event then the very first scan of the ticket worked, all others including simple lookup scans failed.
Right now every authenticated request I send to your server simply 302 redirects me to the home page so I can’t test anything and if that is happening during your own testing is likely the problem.
If you add a new registration to the test event, load the ticket and scan that using the account above, does the first scan work?
|
|
Ben
|
July 7, 2020 at 3:15 pm
This reply has been marked as private.
|
|
Tony
|
July 7, 2020 at 3:28 pm
It’s not the rule from the .htaccess file posted above as far as I can tell.
No, same error first time – Unsupported URL, followed by Registration is denied.
Yeah, I don’t get that either.
Right now I’m just 302’d home even when logging in so I can’t scan anything. Something on your server is blocking the requests from me, what that is I have no idea, unfortunately.
I’ve even deactivated the iThemes Security plugin, and same error, so it can’t be that.
De-activating iThemes does not remove all of the crazy stuff it adds to the site.
So it can be iThemes, even when de-activated.
|
|
Tony
|
July 7, 2020 at 3:39 pm
This reply has been marked as private.
|
|
Ben
|
July 8, 2020 at 9:51 am
This reply has been marked as private.
|
|
Ben
|
July 9, 2020 at 2:23 am
This reply has been marked as private.
|
|
Ben
|
July 9, 2020 at 2:45 am
This reply has been marked as private.
|
|
Ben
|
July 9, 2020 at 3:57 am
This reply has been marked as private.
|
|
Ben
|
July 9, 2020 at 4:53 am
This reply has been marked as private.
|
|
Tony
|
July 9, 2020 at 11:09 am
Hi Ben,
“We have monitored the server logs in real-time while replicating the issue on my phone device and I confirm that there is no server-side block or configuration that prevents the connection on our end. In fact, the requests coming to the server are properly processed and the server responds with 200 OK which you may verify from the logs below:”
The thing is, all of my requests were working and responding with 200 at first until all of a sudden every authenticated request sent to the site 302’d me home, so the log entries working on their end don’t really help.
The device I use for testing the apps isn’t used for anything else and I haven’t touched it since the last batch of testing I did on your site and right now it magically works again. The 302’s are not an app issue, something had to have been blocking my IP for me to be directed home with 302’s on every authenticated request I sent, especially when you consider that switching to mobile data worked just fine.
Also, what capabilities need to be removed, in order to have just the events show up for the specific event administrator that has been assigned to the event?
Instead of seeing all events.
I’d recommend you we get the app working before you start changing any other capabilities but in general its the _others_ caps, so for example ee_read_others_events allows the user to read other users events.
—-
I managed to get hold of an iPad to do some testing on and I think I’ve found the issue here, on the ee_events_administrator role add these caps:
'ee_read_payment_methods',
'ee_read_others_payment_methods',
Now test again, does it work?
|
|
Ben
|
July 9, 2020 at 11:28 am
This reply has been marked as private.
|
|
Tony
|
July 9, 2020 at 1:22 pm
What additional caps do you recommend to get it working?
I don’t have any additional recommendations, the additional 2 caps above fixed the iOS issues I found.
However, I don’t get any notices of unsupported URL’s on my test sites (I do on yours).
Can you send credentials I can use to log into the site itself, please, I’d like to look over the REST logs.
|
|
Ben
|
July 9, 2020 at 1:27 pm
This reply has been marked as private.
|
|
Tony
|
July 9, 2020 at 3:13 pm
Have you tested using an account without app passwords?
|
|
Ben
|
July 9, 2020 at 3:57 pm
This reply has been marked as private.
|
|
Tony
|
July 9, 2020 at 4:43 pm
Hmmm, so this has me baffled.
Something specific to your site is breaking the URL used and I’m not sure why capabilities would cause this, especially as the caps work fine on my test sites.
The only thing I can suggest right now is to add all capabilities to the Event Administrator role and test again. If so l, slowly remove each additional cap until the app breaks again. However, I suspect you may need to log out and back into the app to test this fully.
I also have another plugin that adds a couple of custom roles (one of which answers your ‘others’ cap question). Events Manager and Events Organizer, Events Manager has access to all of EE but not WP and Event Organizer has access to events they are set as the author of which can be found here:
https://monosnap.com/file/qUKeT73ASIAzTRUNX6Hlb1J59vMWgz
Try creating a user and setting them as an event organizer and see of you get the same issue.
|
|
Ben
|
July 10, 2020 at 8:42 am
This reply has been marked as private.
|
|
Tony
|
July 15, 2020 at 10:40 am
Hi Ben,
Can you add another test event to the site with a test registration and post the link to the ticket here, please?
|
|
Ben
|
July 16, 2020 at 1:55 am
This reply has been marked as private.
|
|
Tony
|
July 16, 2020 at 7:43 am
This reply has been marked as private.
|
