Meaningful error message should be shown for unauthenticated reviewbouncing page

[ldidry]

Version

6.2.72

Installation method

Release tarball

Expected behavior

When going to https://example.org/sympa/reviewbouncing/list while being unauthenticated, I should get a "You need to login" message.

Actual behavior

I have a red box, used for error messages, but with no error message in it.

Steps to reproduce

Go to https://example.org/sympa/reviewbouncing/list while being not authenticated

Additional information

Here’s the relevant wwsympa’s log:

notice Sympa::Scenario::do_verify_custom() Using previous custom condition cache nobody
info main::check_action_parameters() [robot example.org] [session 91800303784794] [client 2001:db8::100] [list tock] Authorization failed, insufficient privileges
err main::#1547 [robot example.org] [session 91800303784794] [client 2001:db8::100] Missing required parameters for action "reviewbouncing"

[ikedas]

Duplicate of #1487 .

[racke]

Even if you get an error message it is not user friendly and confusing. It is better to redirect to the login with a friendly message like "Please login to review the bounces for list xyz.". So I suggest to close #1487 and reopen this issue.

[adam12b1]

+1

We are running into the same bug, but it is not just in this specific case - it happens in many different "access denied" cases, in fact I believe it is most cases.

For example: Login as a moderator, but not an owner. Try to access any of the list settings pages, many of which are still available in the nav menu. You always get the same empty red dialog box.

[ikedas]

Please apply this patch (against 6.2.72) and check if the problem will be solved.

[adam12b1]

Sorry to say, the patch had no effect, at least on the specific case we're seeing. (Login as an editor but not an owner, try to access any list settings pages.) I did not test any other cases.

[ikedas]

@adam12b1 , please apply this additional patch and try again.

[adam12b1]

Hooray, looks like that fixed it, thanks!