Do you want to: When trying to edit a document with the Administrator user, sometimes with no pattern I get the following error:
Translated:
You do not have permissions to perform the action you are trying to do.
Please contact the document server administrator.
After that message appears, all the interface becomes lighter and I am not allowed to use anything but Download/Print… it is like having only Read permissions.
Document Server version: onlyoffice/documentserver:latest
This is my docker-compose.yaml
services:
db:
image: mariadb:10.11
container_name: seafile-mysql
environment:
- MYSQL_ROOT_PASSWORD=? # Requested, set the root's password of MySQL service.
- MYSQL_LOG_CONSOLE=true
- MARIADB_AUTO_UPGRADE=1
volumes:
- /opt/seafile-mysql/db:/var/lib/mysql # Requested, specifies the path to MySQL data persistent store.
networks:
- seafile-net
memcached:
image: memcached:1.6.18
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net
seafile:
image: seafileltd/seafile-mc:latest
container_name: seafile
ports:
- "8011:80"
# - "1443:443"
volumes:
- /opt/seafile-data:/shared # Requested, specifies the path to Seafile data persistent store.
environment:
- DB_HOST=db
- DB_ROOT_PASSWD=? # Requested, the value should be root's password of MySQL service.
- TIME_ZONE=Europe/Madrid # Optional, default is UTC. Should be uncomment and set to your local time zone.
- SEAFILE_ADMIN_EMAIL=?# Specifies Seafile admin user, default is 'me@example.com'.
- SEAFILE_ADMIN_PASSWORD=? # Specifies Seafile admin password, default is 'asecret'.
- SEAFILE_SERVER_LETSENCRYPT=false # Whether to use https or not.
depends_on:
- db
- memcached
networks:
- seafile-net
oods:
image: onlyoffice/documentserver:latest
container_name: seafile-oods
networks:
- seafile-net
environment:
- JWT_ENABLED=true
- JWT_SECRET=?
networks:
seafile-net:
OS: Using Docker
Browser version: Last Google Chrome version
Additional information:
I’m using Seafile and I followed this documentation:
Thanks for sharing the details. I see 403 errors in logs in particular that generally states that the requested file cannot be download due to restriction. Usually this means that the storage does not allow downloading the file or in some cases may indicate to the issue with Document Server configuration.
Please provide some more information:
Is HTTPS enabled for Document Server and Seafile?
Does this issue occur with specific files or all of them?
Do you use proxy services in your environment?
Do you have any issues with editing files from integrated test example?
To test integrated example please go to Document Servers’ Welcome Page via its address, there you will find an instruction on how to enable example (if it is not enabled). Once enabled, press GO TO EXAMPLE on the same Welcome Page and try creating or uploading any document to it to test wether you can edit it.
1. Is HTTPS enabled for Document Server and Seafile?
No it is not. Cloudflare Tunnel is the entity that is providing the HTTPS. 2. Does this issue occur with specific files or all of them?
This issue can occur with any file and it does not have a pattern. Meaning that a file that had this error, after a short time or using incognito will work. 3. Do you use proxy services in your environment?
I’m using Cloudflare Tunnel as a Reverse Proxy. 4. Do you have any issues with editing files from integrated test example?
When creating a file and trying to access I get a blank page:
This error could mean that Document Servers’ address was changed or defined incorrectly. Considering that integrated test example returns such result, please try creating new file again and then share logs of Document Server.
In general, we haven’t tested deployment in such environment.
Another interesting thing is that the error mentioned at the beginning of the discussion generates a 403:
[2024-10-01T09:40:37.237] [ERROR] [localhost] [a4e41883a465a259e4f6] [3079971af9364dd29bf563f7f5ffc7ae@auth.local] nodeJS - error downloadFile:url=https://example.com/seafhttp/files/e4501101-0f1d-4241-a4a6-e9d594404d0d/BDD.xlsx;attempt=3;code:null;connect:null Error: Error response: statusCode:403; headers:{"date":"Tue, 01 Oct 2024 09:40:37 GMT","content-type":"text/plain","content-length":"43","connection":"keep-alive","content-encoding":"gzip","cf-cache-status":"BYPASS","report-to":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Mzl0zhh9mBHa2Jif720v%2FHBP43hmuwdjfOQb31A%2Bo9A51xxTRaTFJgxoWq54n7kZdCO0iZY%2BkY%2FRHePCsWw1%2FfRp7cBDzfmo1lqhikjuZu42TWMCqeGOAMa%2BaLuozhbNBUY2lGOiLjHD24vjEXNnow%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}","nel":"{\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}","vary":"Accept-Encoding","server":"cloudflare","cf-ray":"8cbb7e03add5cbd3-MAD"};
at Request.fResponse (/snapshot/server/Common/sources/utils.js)
at Request.emit (node:events:527:28)
at Request.onRequestResponse (/snapshot/server/Common/node_modules/request/request.js:1066:10)
at ClientRequest.emit (node:events:527:28)
at HTTPParser.parserOnIncomingClient (node:_http_client:631:27)
at HTTPParser.parserOnHeadersComplete (node:_http_common:128:17)
at TLSSocket.socketOnData (node:_http_client:494:22)
at TLSSocket.emit (node:events:527:28)
at addChunk (node:internal/streams/readable:315:12)
at readableAddChunk (node:internal/streams/readable:289:9)
at TLSSocket.Readable.push (node:internal/streams/readable:228:10)
at TLSWrap.onStreamRead (node:internal/stream_base_commons:190:23)
This is actually an ERROR log so Document Server does generate such logs.
Please provide an update on the situation - do I understand correctly that Document Server still opens some files and then prompts warning when you are trying to type anything in the document and that integrated test example still does not work?
Since Docker is used, I have to ask wether you are proxying traffic to localhost or local address or to backend IP?
After a month observing the different errors, I think that the issue is combining Seafile+Onlyoffice with Cloudflare tunnel. My guess is that the Cache is generating all this errors. How can I disable and check if this is the case?
After a bit more of a month I found the solution. The configuration was set it up properly but the issue was Cloudflare.
Cloudflare was blocking some requests with a 403 (Forbidden) error for this documents that are large. This is because of the Cache of Cloudflare and the restricted request size of Cloudflare Tunnel. Blocking the cache for my page in Cloudflare solved my issue.
Thanks a lot for the support and I hope that this answer saves time for someone that is having the same issue!
.