Analyzing "You do not have sufficient permissions to access this page" error in WP admin

Recently, a client came to us with a problem – they were suddenly unable to log in to their WordPress/WooCommerce site.

you-do-not-have-sufficient-permission-to-access-this-page

 

Even when logged in as Administrator, You do not have sufficient permissions to access this page error message was displayed and it was not possible to navigate to any page in wp-admin – even the account’s profile page. This symptom indicates that WP cannot find the roles and permissions of your account from the database – so it assumes you don’t have any permissions at all.

The most typical cause for this problem is the database prefix setting. In wp-config.php, it looks like this:

/**
 * WordPress Database Table prefix.
 *
 * You can have multiple installations in one database if you give each a unique
 * prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wp_';

Some developers change the DB prefix for various reasons (which I’ll not discuss in this post). When this is done during the installation process, it shouldn’t cause any problems. However, when migrating your site or changing the DB prefix after installation, there’s a chance to break something. This is because the field titled “Database Table Prefix” is actually not only for table prefixes, but also for some field prefixes. For example, each account’s capabilities (i.e. permissions) are stored in [$table_prefix]usermeta table on the row where meta_key is [$table_prefix]capabilities.

So if your table prefix is “ASD_” then that table row’s meta key is not ‘wp_capabilities’ but ‘ASD_capabilities’.

The same applies for quite a few other usermeta fields, options fields, etc.

 

However, in my case this was not the problem. I reviewed the db table fields and everything looked fine. So the next step in debugging the problem was disabling all plugins – the client had installed some suspicious plugins from CodeCanyon and I assumed they were causing this issue. But this didn’t give me any results either.

Next, I wanted to make sure that it actually is an issue with the database, so I wrote a simple function which filters all capability checks and returns true.

// This goes to your theme's functions.php
function codelight_all_permissions( $allcaps, $cap, $args ) {
    $allcaps[$cap[0]] = true;
    return $allcaps;
}
add_filter( 'user_has_cap', 'codelight_all_permissions', 0, 3 );

After adding this code to the theme, I was able to log in, which confirmed my suspicion that it was an issue with the database. A quick look in WP admin revealed that something had deleted all user roles and there was only one role remaining (which was called something like Wholesale Customer).

In order to restore the default roles, I re-added the default content to wp_options table, wp_user_roles option (from WP v4.2.2)

a:5:{s:13:"administrator";a:2:{s:4:"name";s:13:"Administrator";s:12:"capabilities";a:62:{s:13:"switch_themes";b:1;s:11:"edit_themes";b:1;s:16:"activate_plugins";b:1;s:12:"edit_plugins";b:1;s:10:"edit_users";b:1;s:10:"edit_files";b:1;s:14:"manage_options";b:1;s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:6:"import";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:8:"level_10";b:1;s:7:"level_9";b:1;s:7:"level_8";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;s:12:"delete_users";b:1;s:12:"create_users";b:1;s:17:"unfiltered_upload";b:1;s:14:"edit_dashboard";b:1;s:14:"update_plugins";b:1;s:14:"delete_plugins";b:1;s:15:"install_plugins";b:1;s:13:"update_themes";b:1;s:14:"install_themes";b:1;s:11:"update_core";b:1;s:10:"list_users";b:1;s:12:"remove_users";b:1;s:9:"add_users";b:1;s:13:"promote_users";b:1;s:18:"edit_theme_options";b:1;s:13:"delete_themes";b:1;s:6:"export";b:1;}}s:6:"editor";a:2:{s:4:"name";s:6:"Editor";s:12:"capabilities";a:34:{s:17:"moderate_comments";b:1;s:17:"manage_categories";b:1;s:12:"manage_links";b:1;s:12:"upload_files";b:1;s:15:"unfiltered_html";b:1;s:10:"edit_posts";b:1;s:17:"edit_others_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:10:"edit_pages";b:1;s:4:"read";b:1;s:7:"level_7";b:1;s:7:"level_6";b:1;s:7:"level_5";b:1;s:7:"level_4";b:1;s:7:"level_3";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:17:"edit_others_pages";b:1;s:20:"edit_published_pages";b:1;s:13:"publish_pages";b:1;s:12:"delete_pages";b:1;s:19:"delete_others_pages";b:1;s:22:"delete_published_pages";b:1;s:12:"delete_posts";b:1;s:19:"delete_others_posts";b:1;s:22:"delete_published_posts";b:1;s:20:"delete_private_posts";b:1;s:18:"edit_private_posts";b:1;s:18:"read_private_posts";b:1;s:20:"delete_private_pages";b:1;s:18:"edit_private_pages";b:1;s:18:"read_private_pages";b:1;}}s:6:"author";a:2:{s:4:"name";s:6:"Author";s:12:"capabilities";a:10:{s:12:"upload_files";b:1;s:10:"edit_posts";b:1;s:20:"edit_published_posts";b:1;s:13:"publish_posts";b:1;s:4:"read";b:1;s:7:"level_2";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;s:22:"delete_published_posts";b:1;}}s:11:"contributor";a:2:{s:4:"name";s:11:"Contributor";s:12:"capabilities";a:5:{s:10:"edit_posts";b:1;s:4:"read";b:1;s:7:"level_1";b:1;s:7:"level_0";b:1;s:12:"delete_posts";b:1;}}s:10:"subscriber";a:2:{s:4:"name";s:10:"Subscriber";s:12:"capabilities";a:2:{s:4:"read";b:1;s:7:"level_0";b:1;}}}

.. which fixed the issue.

In the end, I suspect one of the Codecanyon plugins deleted all WP roles, but I didn’t bother figuring out the exact reason – the plugins contained 5000+ lines of very similar code with minor variations so it was rather difficult to read and not worth the time.

 

Indrek Kõnnussaar

I'm a veteran Wordpress developer, context-driven tester, security enthusiast and the mastermind behind Codelight. I love building stuff that works and fixing stuff that doesn't.

Write me directly indrek@codelight.eu

31 Responses to “Analyzing “You do not have sufficient permissions to access this page” error in WP admin”

  1. Rub

    Thanks, your solution helped me restoring the default roles on user_roles option.
    So one of the plugin I install and deleted made this problem?
    Why someone make such a thing?

    Reply
  2. Lior

    Thanks you, it worked!

    Reply
  3. Sean

    Saved my butt. Thanks.

    Reply
  4. angel alfaro

    thanks, for your work, i solved my problem
    br

    Reply
  5. dragomir

    Great. Helped me a lot.

    Thanks.

    Reply
  6. Irish

    Thanks a lot! I’ve been looking for fix when I thought its the plugin whew!

    Reply
  7. Gary Donovan

    Thanks heaps.

    Reply
  8. Jeroen

    You made my day!! After visiting many useluss forums this resolved my problem.

    Reply
  9. Jay

    Awesome, finally it worked.. thanks a lot

    Reply
  10. ken

    You’re the man bro! saves m tons of time for your code! very helpful!

    Reply
  11. Seun

    Thanks for the post, but in my own case what worked for me was just to change the wpje_user_roles to wp_user_roles inside the wp_options table.

    Reply
  12. Samirah Mamode

    YOU saved my hardwork of 6month.. God bless you!

    Reply
  13. Jerry

    This helped me, albeit one minor work-around.

    I reset the user roles, but I noticed my login user had a slightly different array for wp_capabilities.

    Somehow, it had the value = a:1:{s:13:”administrator”;b:1;}

    I changed the last two to “a:2” and it worked! Thanks!

    Reply
  14. Antonio Mª Martín

    Muchas gracias. Para mí ha sido la solución. He aplicado las reglas por defecto que usted indica (mediante el método de copiar y pegar el código que usted proporciona en esta página web) y también sirven para WP 4.5.3

    Reply
  15. roie

    Thank you very much! Searched for hours before coming to this post.

    Reply
  16. Cyber

    You are the MAN! Thanks, this worked like a charm after hours of research.

    Reply
  17. Dee

    You are AMAZING!!! I never comment on things (serial lurker), but I just had to write to THANK YOU SO MUCH for your help with this.

    I was unable to access my /wp-admin dashboard (I could access all the other admin pages though) for like 6 months or longer and had no idea why.

    I would search periodically for hours for solutions and then get tired of searching and give up, only to try again a few days or weeks later -but finally, thanks to you I can finally access everything.

    THANK YOU! THANK YOU! THANK YOU!

    Reply
  18. ZeleRoman

    Thanks, it helped a lot!

    Reply
  19. Muneeb

    Hi

    Thanks for the article, i was able to login by adding filter, but restoring capabilities and removing filter gives the same error…..what i understood, filter hook by-pass the permissions and allow user to login, correct?

    Reply
    • Indrek Kõnnussaar

      Yes, the filter basically bypasses all permissions checks, which means that the error is probably in your database. Perhaps try getting the wp_user_roles contents from a clean WP install that matches your WP version?

      Reply
  20. Abdul Alim

    Thanks a tonne! This, and only this worked for me. You are incredible!

    Reply
  21. Al

    Nicely done! Thanks for making me look very clever lol

    Reply
  22. JB

    You’re the best, man. This solution fixed it

    Reply
  23. R K Shrivastaw

    Hi I added your code in function.php but nothing improve. It still showing the wp-admin – You do not have sufficient permissions to access this page. I checked also my config.php and table prefix is same as default – wp_ and usermeta capabilities is – wp_capabilities. Please let us know what next we can to get rid of this issue.

    Reply
  24. Valentin

    Thank you sir, nice hack that restored the wpadmin area where I did “make order” in those evil plugins that caused the problem in first place (I also mention that renaming the plugin folders, all of them, did not solved the problem since the culprit was the database).
    Have a great day ! Thanks a lot !

    Reply
  25. Manuel Herrera

    Hi,

    Dont work for me, still dont get wp-admin access

    Reply
    • Indrek Kõnnussaar

      Can you clarify what you did exactly?

      Reply
  26. Lerry

    Adding the function to functions.php and changing “b:1” to “a:2” in user_capabilities fixed it all.
    Thank you.

    Reply
  27. Timo

    You saved my life ! Thank you sooooo much for this !

    Reply
  28. Danielius

    You saved my ass, Indrek. Thanks! 🙂

    (I logged in using the functions code you wrote, saw that everyhing is roleless, installed “role editor” plugin and reseted everything with it.)

    Reply
  29. Pablo

    Indrek, The Master of the masters!
    Amazing trick, it was like magic!
    Thank you, you ended 4 days of search in forums and to attempts several solutions with no luck.
    many thanks!! You rock! \m/ \m/ \m/

    Reply

Leave a Reply

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×