Skip to content

Redirect unauthenticated users to sign in page for unauthorized views#7852

Merged
mrcasals merged 7 commits intodecidim:developfrom
mainio:fix/enforce-permissions-for-unauthenticated-users
Apr 20, 2021
Merged

Redirect unauthenticated users to sign in page for unauthorized views#7852
mrcasals merged 7 commits intodecidim:developfrom
mainio:fix/enforce-permissions-for-unauthenticated-users

Conversation

@ahukkanen
Copy link
Copy Markdown
Contributor

@ahukkanen ahukkanen commented Apr 17, 2021
edited
Loading

🎩 What? Why?

When the user is unauthorized to do something (e.g. create a new meeting) and there is a direct link to the new meeting page, the user will be redirected to the root of the application.

More sensible would be to ask the user to authenticate themselves.

Testing

  • Create an instance with a meetings component and meetings creation enabled for participants
  • Write the new meeting path (.../meetings/new) directly to the browser
  • See where the user is redirected to

📋 Checklist

  • CONSIDER adding a unit test if your PR resolves an issue.
  • ✔️ DO check open PR's to avoid duplicates.
  • ✔️ DO keep pull requests small so they can be easily reviewed.
  • ✔️ DO build locally before pushing.
  • ✔️ DO make sure tests pass.
  • ✔️ DO make sure any new changes are documented in docs/.
  • ✔️ DO add and modify seeds if necessary.
  • ✔️ DO add CHANGELOG upgrade notes if required.
  • ✔️ DO add to GraphQL API if there are new public fields.
  • ✔️ DO add link to MetaDecidim if it's a new feature.
  • AVOID breaking the continuous integration build.
  • AVOID making significant changes to the overall architecture.

mrcasals
mrcasals previously approved these changes Apr 19, 2021
View reviewed changes
@mrcasals mrcasals added module: core type: change PRs that implement a change for an existing feature labels Apr 19, 2021
@mrcasals mrcasals merged commit 0f41451 into decidim:develop Apr 20, 2021
@ahukkanen ahukkanen deleted the fix/enforce-permissions-for-unauthenticated-users branch April 20, 2021 12:00
orlera pushed a commit that referenced this pull request Apr 22, 2021
@ahukkanen
Redirect unauthenticated users to sign in page for unauthorized views (
b4e5044 
…#7852)
orlera pushed a commit that referenced this pull request Apr 22, 2021
@ahukkanen
Redirect unauthenticated users to sign in page for unauthorized views (
8fc60f0 
…#7852)
entantoencuanto added a commit that referenced this pull request Apr 23, 2021
@entantoencuanto
Merge branch 'develop' into active_storage_migration
e099ec2 
* develop:
  Upgrade decidim-bulletin_board to 0.20.0 (#7881)
  New Crowdin updates (#7870)
  Fix editor: shift+enter makes single br tag before link (#7877)
  Fix TypeError in newsletters (#7872)
  Give admin panel access to monitoring committee members (#7843)
  New Crowdin updates (#7869)
  New Crowdin updates (#7864)
  Onboarding workflow after voting (#7839)
  Fix filter by scopes (#7858)
  Redirect unauthenticated users to sign in page for unauthorized views (#7852)
  New Crowdin updates (#7861)
@ahukkanen ahukkanen mentioned this pull request Apr 26, 2021
Merged
12 tasks
@andreslucena andreslucena mentioned this pull request Feb 8, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@mrcasals mrcasals mrcasals approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

module: core type: change PRs that implement a change for an existing feature

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ahukkanen @mrcasals