Access Denied: Not Allowed to Access this Controller

A user is able to log in, no failed attempts recorded, but is not able to access a specific resource they were able to access last week. A different user, in the same role and user group as the first user, is able to access the specific resource without issue. Both users are active, and not blocked.

The user experiencing the issue is able to log in successfully, but is not able to access a specific resource. The error they receive when attempting to access the resource is “Access Denied: Not allowed to Access this Controller”. They have attempted from multiple machines, and multiple browsers.

Previously, as recently as last week, the user was able to create and publish content, as well as upload files, for this resource.

Using MODX 3.0.3

Take a look at the Access Permissions tab when you edit both users. See if they belong to the same user groups, and have the same role for each group.

Thank you bobray for your suggestion and your reply, I appreciate it. I should have mentioned in my original post that both users belong to the same user group, and do have the same role for the group.

That message results from a failed call to checkPermissions(). As far as I know, the MODX core versions of that all return true. My guess is that a class in some extra is overriding that function with its own checkPermissions() function.

If you have a way to search the MODX files, you could search in the core/components directory for “function checkPermissions”

Why that would affect one user and not another is still a mystery, unless one user is a sudo user.

If this is the “resource/update” controller, then the code checks (in the function checkPermissions()) if the user has the edit_document permission. The error message implies that this is (somehow) not the case.