Viewing a shared analytics dashboard without permission shows a 500 error page
Problem to solve
When a user views a public project's analytics dashboard page and they are not authorised or authenticated they see a 500 error page.
The impact is that users viewing a shared link might be confused why they are getting an error instead of an insufficient access / 404 page.
Screenshots
Steps to reproduce
Open the following link in an incognito browser window:
Proposed solution
Show a 404 / insufficient access / login page when a user is not authorised to view the dashboard.
Note that only users with the reporter role and up should be allowed to view product analytics dashboards.
Use Cases
Page/UX component | User role | What they should see | notes |
---|---|---|---|
Left Nav Item for dashboards page | Not a member of the project | Should not see the nav item | n/a |
Left Nav Item for dashboards page | Member of the project below developer role | Should not see the nav item | n/a |
Left Nav Item for dashboards page | Member of the project developer role or higher | Should see the nav item | n/a |
Dashboards listing page | Not a member of the project | 404 or unauthorized? | n/a |
Dashboards listing page | Member of the project below developer role | Unauthorized? Custom page? | n/a |
Dashboards listing page | Member of the project developer role or higher | Dashboard listings | n/a |
All settings cases were covered in Define permissions for who can access feature s... (#375103 - closed) • Allen Cook • 15.11
Implementation plan
TBD
Edited by James Heimbuck