Relation field shows "No permission to view this field" for super-admin

[scopsy]

Describe the bug
After upgrading to strapi 3.1 when trying to create a new entry with a relation field inside a repetable component. The field shown with a "No permission to view this field". Even tho i'm a super admin. Checked the settings page and the super admin seem to have access to the relation table.

Steps to reproduce the behavior

1. Create content list with a repeatable component that has a relation field
2. Uograde to strapi 3.1
3. try to create a new entry, the relation field will be disabled

Expected behavior
I was expectin to be able to modify the relation field as usual.

Screenshots

System

• Node.js version: v12.18.0
• NPM version: 6.14.4
• Strapi version: 3.1.1
• Database: Mongo DB
• Operating system: Mac OS

[lauriejim]

Hello! Can you please share your data structure, models and components, this will help us to reproduce the issue.
@petersg83 maybe related to a migration script?

[scopsy]

{
  "kind": "collectionType",
  "collectionName": "recipes",
  "info": {
    "name": "Recipes"
  },
  "options": {
    "increments": true,
    "timestamps": true
  },
  "attributes": {
    "title_en": {
      "type": "string"
    },
    "recipe_phases": {
      "type": "component",
      "repeatable": true,
      "component": "recipes.recipe-phases"
    },
    "author": {
      "model": "authors"
    }
  }
}

Component:

{
  "collectionName": "components_recipes_recipe_phases",
  "info": {
    "name": "recipe_phases",
    "icon": "allergies"
  },
  "options": {},
  "attributes": {
    "title_en": {
      "type": "string"
    },
    "recipe_phase": {
      "model": "recipe-phases"
    },
    "steps": {
      "type": "component",
      "repeatable": true,
      "component": "recipes.steps"
    }
  }
}

the broken part is:

  "recipe_phase": {
      "model": "recipe-phases"
    },

[lauriejim]

How did you create this relation?

[scopsy]

In the content editor, as usual.

There is a collection named recipes phases, and a component with the same name.

[petersg83]

Hi! Thanks for the issue. There are no migration scripts involved in this. I tried but I couldn't reproduce it. Do you have the problem when you follow the steps you wrote?
Can you rewrite them with as much details as possible so I can do the exact same things as you? This easiest way is maybe to record your screen from the moment you create the strapi project to the moment you experience the problem.

[dawnerd]

Seems related to #7325?

[robinsimonklein]

Hi everyone ! I had the same problem.
When I added new fields in a collection type from the "Content-Types Builder", those fields were hidden for the users with the role "Editor" or "Author".

After looking, I noticed that the checkboxes's appearance had changed in the permission settings of the other Roles (in settings → permissions → Roles → Editor)

Clicking on the first checkbox fixed the problem, but I have to repeat this operation each time I edit a collection type...

I think it remains an issue :/

[JabStrapi]

Hi everyone, This is not properly an issue. We had to make a choice regarding the default behavior when adding a field in a content type: would it be automatically included in the default roles' permissions set or not....?  We decided it would not and that the permissions would have to be updated each time the content model to manage would evolve (the opposite choice would have come with the same amount of drawbacks). Therefore, each time you are updating a content type model with a field, make sure to grant access to it updating the roles' permissions. I hope that helps. 

[robinsimonklein]

Ok, that makes sense. Thank you for the clarification ! 🙌

[derrickmehaffy]

We will be marking this issue as closed, should you have any further questions or concerns please don't hesitate to reply and we can look at reopening.

[kiwimahk]

Hi, I also ran into this issue despite having permissions set correctly (I am following the tutorial here https://strapi.io/blog/build-a-static-blog-with-gatsby-and-strapi ).

In my case it resolved itself when I added a second category and clicked save, triggering a server restart.

Just posting in case it helps anyone else in my situation, with correct permissions but no ability to edit relation field. My best guess is that something went wrong during server restart after saving my first category.

[dawnerd]

each time you are updating a content type model with a field, make sure to grant access to it updating the roles' permissions. I hope that helps.

Why would we have to do this if were an admin? Considering I had this similar this as a super admin makes me think there’s something else going on.

[ghost]

Also have this issue as a superadmin. Add a new field to the category content type and have no access to edit that field.

Steps:

1. In dev mode, log in as superadmin
2. Go to content type builder, edit category
3. Add a new field called cover
4. Go back to category collection
5. Edit the categories created before
6. Shows no permission to the field

[petersg83]

Hi, the superadmin should indeed have access to everything yes. I followed the steps of @lodisy but everything works find on my side. Can you please give more details ?

    Node.js version: 
    NPM version: 
    Strapi version: 
    Database: 
    Operating system: 

[ghost]

Hi, the superadmin should indeed have access to everything yes. I followed the steps of @lodisy but everything works find on my side. Can you please give more details ?

    Node.js version: 
    NPM version: 
    Strapi version: 
    Database: 
    Operating system: 

Node.js version: 12.14.1
NPM version: 6.13.4
Strapi version: 3.1.4
Database: MongoDB
Operating system: Ubuntu 18.04.3 LTS

I do not have issue locally, this happes on my VPS (with separated admin panel) whether in dev or production mode.

[dawnerd]

I also attached information in the issue I linked above. Also only happens in production mode.

[ghost]

Hi, the superadmin should indeed have access to everything yes. I followed the steps of @lodisy but everything works find on my side. Can you please give more details ?

    Node.js version: 
    NPM version: 
    Strapi version: 
    Database: 
    Operating system: 

Node.js version: 12.14.1
NPM version: 6.13.4
Strapi version: 3.1.4
Database: MongoDB
Operating system: Ubuntu 18.04.3 LTS

I do not have issue locally, this happes on my VPS (with separated admin panel) whether in dev or production mode.

Tried again. One more thing to mention, the panel needs to get restarted after editing, but it often keeps loading, shows taking too long or an error happens, while strapi has already restarted normally and no errors according to the ssh panel.

[petersg83]

Can you please show me the entry in your database that correspond to the super-admin user ?
It should look to something like that:

{
    "_id" : ObjectId("5f3bf84872b113bd976f57c9"),
    "name" : "Super Admin",
    "code" : "strapi-super-admin",
    "description" : "Super Admins can access and manage all features and settings.",
    "createdAt" : ISODate("2020-08-18T15:48:24.482Z"),
    "updatedAt" : ISODate("2020-08-18T15:48:24.482Z"),
    "__v" : 0
}

Alos, do you have any warning in the logs when you start the server?

[dawnerd]

> db.getCollection('strapi_role').find({})
{ "_id" : ObjectId("5f276fda8a83ae0a07e79302"), "name" : "Super Admin", "code" : "strapi-super-admin", "description" : "Super Admins can access and manage all features and settings.", "createdAt" : ISODate("2020-08-03T02:00:58.957Z"), "updatedAt" : ISODate("2020-08-03T02:00:58.957Z"), "__v" : 0 }
{ "_id" : ObjectId("5f276fda8a83ae0a07e79303"), "name" : "Editor", "code" : "strapi-editor", "description" : "Editors can manage and publish contents including those of other users.", "createdAt" : ISODate("2020-08-03T02:00:58.967Z"), "updatedAt" : ISODate("2020-08-03T02:00:58.967Z"), "__v" : 0 }
{ "_id" : ObjectId("5f276fda8a83ae0a07e79304"), "name" : "Author", "code" : "strapi-author", "description" : "Authors can manage and publish the content they created.", "createdAt" : ISODate("2020-08-03T02:00:58.976Z"), "updatedAt" : ISODate("2020-08-03T02:00:58.976Z"), "__v" : 0 }

yarn run v1.22.4
$ strapi start
[2020-08-18T16:50:42.596Z] debug [Cache] Mounting LRU cache middleware
[2020-08-18T16:50:42.597Z] debug [Cache] Storage engine: mem
[2020-08-18T16:50:42.599Z] debug [Cache] Caching route /attractions/:id* [maxAge=604800000]
[2020-08-18T16:50:42.599Z] debug [Cache] Caching route /companies/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /manufacturers/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /parks/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /resorts/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /static-pages/:id* [maxAge=604800000]
[2020-08-18T16:50:43.269Z] error An index error happened, it wasn't applied.
        - Index with name: username_1 already exists with different options

 Project information

┌────────────────────┬──────────────────────────────────────────────────┐
│ Time               │ Tue Aug 18 2020 16:50:43 GMT+0000 (Coordinated … │
│ Launched in        │ 3553 ms                                          │
│ Environment        │ production                                       │
│ Process PID        │ 23144                                            │
│ Version            │ 3.1.4 (node v12.18.2)                            │
│ Edition            │ Community                                        │
└────────────────────┴──────────────────────────────────────────────────┘

 Actions available

Welcome back!
To manage your project 🚀, go to the administration panel at:
http://0.0.0.0:1337/admin

To access the server ⚡️, go to:
http://0.0.0.0:1337

[derrickmehaffy]

[2020-08-18T16:50:42.596Z] debug [Cache] Mounting LRU cache middleware
[2020-08-18T16:50:42.597Z] debug [Cache] Storage engine: mem
[2020-08-18T16:50:42.599Z] debug [Cache] Caching route /attractions/:id* [maxAge=604800000]
[2020-08-18T16:50:42.599Z] debug [Cache] Caching route /companies/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /manufacturers/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /parks/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /resorts/:id* [maxAge=604800000]
[2020-08-18T16:50:42.600Z] debug [Cache] Caching route /static-pages/:id* [maxAge=604800000]
[2020-08-18T16:50:43.269Z] error An index error happened, it wasn't applied.
        - Index with name: username_1 already exists with different options

Just a side point I see you are using the community strapi-middleware-cache wanted to just make sure there is no conflict, can you temporarily disable that middleware?

[ghost]

abase that correspond to the super-admin user ?
It should look to something like that:

{
	"_id" : ObjectId("5f3070d75dd9161e5c5d40a7"),
	"name" : "Super Admin",
	"code" : "strapi-super-admin",
	"description" : "Super Admins can access and manage all features and settings.",
	"createdAt" : ISODate("2020-08-09T21:55:35.072Z"),
	"updatedAt" : ISODate("2020-08-09T21:55:35.072Z"),
	"__v" : 0
}
{
	"_id" : ObjectId("5f3070d75dd9161e5c5d40a8"),
	"name" : "Editor",
	"code" : "strapi-editor",
	"description" : "Editors can manage and publish contents including those of other users.",
	"createdAt" : ISODate("2020-08-09T21:55:35.083Z"),
	"updatedAt" : ISODate("2020-08-10T07:56:56.784Z"),
	"__v" : 0
}
{
	"_id" : ObjectId("5f3070d75dd9161e5c5d40a9"),
	"name" : "Author",
	"code" : "strapi-author",
	"description" : "Authors can manage and publish the content they created.",
	"createdAt" : ISODate("2020-08-09T21:55:35.091Z"),
	"updatedAt" : ISODate("2020-08-10T07:57:30.855Z"),
	"__v" : 0
}

> db.strapi_administrator.find().pretty()
{
	"_id" : ObjectId("5f308143ef4743500d23122f"),
	"isActive" : true,
	"blocked" : false,
	"roles" : [
		ObjectId("5f3070d75dd9161e5c5d40a7"),
		ObjectId("5f3070d75dd9161e5c5d40a8"),
		ObjectId("5f3070d75dd9161e5c5d40a9")
	],
	"username" : "michael@neonse.com",
	"registrationToken" : null,
	"firstname" : "Jie",
	"lastname" : "Wang",
	"email" : "michael@neonse.com",
	"password" : "$2a$10$6VgP6OB5jbUGT8lnYN5g6.z5L2hGBPX6REN4cZrJT88VTQU7CbhNu",
	"createdAt" : ISODate("2020-08-09T23:05:39.620Z"),
	"updatedAt" : ISODate("2020-08-10T08:27:12.270Z"),
	"__v" : 0
}

No warnings or errors according to the terminal.

[derrickmehaffy]

Ah

	"roles" : [
		ObjectId("5f3070d75dd9161e5c5d40a7"),
		ObjectId("5f3070d75dd9161e5c5d40a8"),
		ObjectId("5f3070d75dd9161e5c5d40a9")
	],

@petersg83 I'm wondering if that's the problem, one of the other roles overriding the super admin one?

[ghost]

Ah

	"roles" : [
		ObjectId("5f3070d75dd9161e5c5d40a7"),
		ObjectId("5f3070d75dd9161e5c5d40a8"),
		ObjectId("5f3070d75dd9161e5c5d40a9")
	],

@petersg83 I'm wondering if that's the problem, one of the other roles overriding the super admin one?

Super! It is resolved after removed the editor and author roles(need to logout and re-login).

But it's a bit confusing to me, when I submit a post, I need to asign the author, but the super admin account (or of other two roles) does not show in the user(collection) list, so I need to create one with the same email etc. So how about the role of this newly created account?

The super admin, author and editor are excluded from the user list right? Bit confused as I can also create a new role called Author in the Roles & Permissions and asign it to the newly created account, as mentioned above.

[petersg83]

I was able to reproduce it! Thanks a lot :)
I hear the confusion, maybe @JabStrapi can help making it clearer

[derrickmehaffy]

I think in this case @petersg83 if an admin user is apart of the super admin role, the others should be completely ignored (since you cant change the super admin permissions anyway)

[kauaicreative]

At one point, restarting the server and re-logging in allowed super-admin to access the new field. But this is no longer working for me. the issue remains, "No permissions to see this field"

[boristomas]

Also had the issue as superadmin, logging out and then re-login worked for me