Edgewall Software
Modify

Opened 15 years ago

Closed 10 years ago

Last modified 9 years ago

#2375 closed enhancement (fixed)

Permission denied page should mention logging in if not logged in.

Reported by: pfnguyen@… Owned by: Remy Blank
Priority: normal Milestone: 1.0
Component: general Version: 0.9
Severity: normal Keywords:
Cc: Branch:
Release Notes:

Improved permission denied error message

API Changes:
Internal Changes:

Description

There are many privileges I revoke from anonymous but grant to authenticated.

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

When a user is not logged in and encounters the permission denied page it is not obvious that the person could log in and attempt to view the page.

Currently, not all users in my organization are trained to use Trac, however we have a single-sign-on setup and Apache/Trac supports that. Thus all users in my organization can log in to trac.

When a new user comes to trac (and I point them at /newticket or something) they get a permission denied message and don't know what to do next. Instead, maybe we could have a message that looks like:

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

You are not logged in, please :login: and try again.

And with the 2nd attempt (if it still fails), present the message that the user logged in does not have the required ACL. Something like:

Permission Denied

TICKET_CREATE privileges are required to perform this operation 

Your login, $REMOTE_USER, does not have the required permissions.
[perhaps list the permissions granted here as well]

Attachments (1)

error.cs (3.4 KB ) - added by james@… 15 years ago.
A hacked error.cs file that kind of implements the required functionality. It's nowhere near perfect, but it's mildly functional.

Download all attachments as: .zip

Change History (8)

comment:1 by pfnguyen@…, 15 years ago

Milestone: 0.9.2

let me toss in a milestone and you guys can change it from there…

comment:2 by Christopher Lenz, 15 years ago

Milestone: 0.9.31.0

by james@…, 15 years ago

Attachment: error.cs added

A hacked error.cs file that kind of implements the required functionality. It's nowhere near perfect, but it's mildly functional.

comment:3 by james@…, 15 years ago

I just attached a modified error.cs file. You can dump it in the templates folder of your configuration and it will override the default. It's based on the 0.9.4 version from the distribution, and trys to give the user hints about what they can do.

This is the first time I've looked at Clearsilver/Python, so the results aren't pretty. Take it and hack it however you like if you think it's useful.

comment:4 by Christian Boos, 10 years ago

Milestone: 1.0unscheduled

Milestone 1.0 deleted

comment:5 by Remy Blank, 10 years ago

Milestone: triaging0.13
Owner: changed from Jonas Borgström to Remy Blank

The first part (asking to login) has been implemented in [7494], released in 0.11.2 (and discussed in comment:16:ticket:5340).

We could also improve the error message as suggested in the second part.

comment:6 by Remy Blank, 10 years ago

Resolution: fixed
Status: newclosed

A slightly better error message for permission errors has been committed in [10322].

comment:7 by Alex Willmer <al.willmer@…>, 9 years ago

Release Notes: modified (diff)

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Remy Blank.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Remy Blank to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.