Unable to Invite User to Organization

CalebJTSmith · July 1, 2019, 2:59pm

When I first setup the on-premise setup (Docker Composer using the onpremise github), I was able to invite a user and such as normal. This was a few months back. Today, I am trying to invite a new user and receiving the error “You aren’t allowed to invite members.” everytime I try.

In the same way, I have random messages where I am “not authorized” to do something - like change integrations for my organization. I am an admin and a superuser, so I should be able to? It’s like something changed or was modified and I’m not sure where to even begin troubleshooting.

BYK · July 2, 2019, 9:06pm

Hi @CalebJTSmith! Your session may have got corrupted (no idea why tho). Did you try simply logging out and in again? I know that for certain actions we check another “sudo” session variable so that might be the issue.

CalebJTSmith · July 3, 2019, 12:50am

Unfortunately, that wasn’t it. Just in case - I logged in on a different browser/computer.

BYK · July 3, 2019, 11:27am

Have you tried running docker-compose run --rm web upgrade to see if it can fix anything on the database?

If that still doesn’t work I’d recommend running docker-compose run --rm web createuser --superuser to create a new user and login with that to fix and investigate the issue more.

CalebJTSmith · July 3, 2019, 1:16pm

I will give that a shot and see what happens! Thank you for the suggestions.

Edit: Unfortunately, I still can’t add a new user from the UI, but the CLI command worked perfectly so that will at least hold me over!

BYK · July 3, 2019, 2:50pm

What happens when you add a new super user from the CLI tho? Can you use that user to perform the actions mentioned above?

Also are there any logs from your Sentry instance that you can share with us when you get the errors?

CalebJTSmith · July 3, 2019, 3:14pm

The superuser that I create from the CLI is not able to do anything either - it has the same weird unauthorized errors. Let me go take a look at what logs I can find. Is there a general place where those get dumped?

BYK · July 3, 2019, 3:39pm

By default they are dumped to the console at INFO level.

CalebJTSmith · July 3, 2019, 3:49pm

I did a dump of the logs with docker-compose logs web and I just see the web requests. I see the 403 returned for /api/0/organizations/{ORGNAME}/members/, but no errors or anything.

BYK · July 5, 2019, 2:17pm

Is there any chance that your instance is not a single-organization one? Or maybe someone has changed SENTRY_SINGLE_ORGANIZATION setting?

CalebJTSmith · July 9, 2019, 6:15pm

Sorry! Back from vacation. Well, I took a look at the setting and was going to reply back and searched something real quick and came across this thread (No permissions for superuser)

It turns out - I had removed that default settings when we were originally setting up azure devops integration by making SENTRY_FEATURES a new object of values instead of extending on the default. So that was a wild goose chase for sure… but good to know if anyone makes a dumb mistake like I did.