Problem Prestashop 1.7.6.2 and (1) onKernelRequest in admin.php

[venditdevs]

Hi All, 

We have a strange problem and hoping anyone know whats the issue. We get strange message "forbidden" when we try to edit translations and instantly get logged out. Page is empy and message is only "forbidden". This comes from the file /src/adapter/security/admin.php.

 

        //if employee loggdin in legacy context, authenticate him into sf2 security context
        if (isset($this->legacyContext->employee) && $this->legacyContext->employee->isLoggedBack()) {
            $user = $this->userProvider->loadUserByUsername($this->legacyContext->employee->email);
            $token = new UsernamePasswordToken($user, null, 'admin', $user->getRoles());
            $this->securityTokenStorage->setToken($token);

            return true;
        }

First time entering page we enter this if statement, then it set some vars and return true. It looks like the second time its variables are not set ( isset($this->legacyContext->employee) && $this->legacyContext->employee->isLoggedBack() ) and then it skips the progress and return a false later in the file and where it redirect to the login page.

Some problem we have with editing products, which also results in same error in the same file. When i commend out the if statement it works! But after saving we still get logged out.

We tried disabling all overrides and modules already without any luck. Also updating Prestashop to the latest version didn't help.