Ticket #2375 (closed enhancement: fixed)
Opened 6 years ago
Last modified 7 weeks ago
Permission denied page should mention logging in if not logged in.
| Reported by: | pfnguyen@… | Owned by: | rblank |
|---|---|---|---|
| Priority: | normal | Milestone: | 0.13 |
| Component: | general | Version: | 0.9 |
| Severity: | normal | Keywords: | |
| Cc: | |||
| Release Notes: |
Improved permission denied error message |
||
| API Changes: | |||
Description
There are many privileges I revoke from anonymous but grant to authenticated.
Permission Denied TICKET_CREATE privileges are required to perform this operation
When a user is not logged in and encounters the permission denied page it is not obvious that the person could log in and attempt to view the page.
Currently, not all users in my organization are trained to use Trac, however we have a single-sign-on setup and Apache/Trac? supports that. Thus all users in my organization can log in to trac.
When a new user comes to trac (and I point them at /newticket or something) they get a permission denied message and don't know what to do next. Instead, maybe we could have a message that looks like:
Permission Denied TICKET_CREATE privileges are required to perform this operation You are not logged in, please :login: and try again.
And with the 2nd attempt (if it still fails), present the message that the user logged in does not have the required ACL. Something like:
Permission Denied TICKET_CREATE privileges are required to perform this operation Your login, $REMOTE_USER, does not have the required permissions. [perhaps list the permissions granted here as well]
Attachments
Change History
comment:1 Changed 6 years ago by pfnguyen@…
- Milestone set to 0.9.2
comment:2 Changed 6 years ago by cmlenz
- Milestone changed from 0.9.3 to 1.0
Changed 6 years ago by james@…
A hacked error.cs file that kind of implements the required functionality. It's nowhere near perfect, but it's mildly functional.
comment:3 Changed 6 years ago by james@…
I just attached a modified error.cs file. You can dump it in the templates folder of your configuration and it will override the default. It's based on the 0.9.4 version from the distribution, and trys to give the user hints about what they can do.
This is the first time I've looked at Clearsilver/Python?, so the results aren't pretty. Take it and hack it however you like if you think it's useful.
comment:4 Changed 22 months ago by cboos
- Milestone changed from 1.0 to unscheduled
Milestone 1.0 deleted
comment:5 Changed 19 months ago by rblank
- Milestone changed from triaging to 0.13
- Owner changed from jonas to rblank
The first part (asking to login) has been implemented in [7494], released in 0.11.2 (and discussed in comment:16:ticket:5340).
We could also improve the error message as suggested in the second part.
comment:6 Changed 15 months ago by rblank
- Resolution set to fixed
- Status changed from new to closed
A slightly better error message for permission errors has been committed in [10322].
comment:7 Changed 7 weeks ago by Alex Willmer <al.willmer@…>
- Release Notes modified (diff)
let me toss in a milestone and you guys can change it from there...