Admin user not recognized on Bonobo Git Server
I'm am using the Bonobo Git Server on IIS for a while and it works fine.
I hardly ever use the web interface and if I do, I log in as a normal user.
Today I logged in as the administrator but the admin links at the top are missing.
Normally I should see:
but I only get the normal user links, the create new repository button doesn't show up and when I go to:
../Settings/Index
I get an:
Unauthorized - You don't have permission for the selected action or page
I am sure I'm logged in as the admin user and the role membership has not been changed, but it seems I'm just a normal user.
There are no errors in the Bonobo or Windows logs.
I copied the site to my local server and the same files work just fine, I see the full admin interface.
I know some server hardening has taken place on the production server, but I don't know the details.
Does anybody has an idea what could case this?
I investigated the "server hardening" on the production machine and it turns out they remove many unused modules and handlers from IIS on the machine level.
They did tests on all sites and the Bonobo Git Server seemed to work fine.
Considering the problem, the admin user is not recognized as an admin, I looked at the source code for Bonobo and they are using User.IsInRole.
So it seems it they are using the ASP.NET membership provider.
I then looked at the removed IIS modules, one of them is:
System.Web.Security.RoleManagerModule
removing that locally resulted in exact the same problem I experienced on the production server.
So I ask the server admin to add that module back in:
New-WebManagedModule -Name RoleManager -Type System.Web.Security.RoleManagerModule -Precondition "managedHandler"
and everything is working fine, the admin user is a full administrator again.