Skip to content

Show info about missing permission on AccessForbiddenException#416

Open
rogersteblerbsi wants to merge 1 commit into
releases/26.2from
features/rsb/26.2/326455_errorCode
Open

Show info about missing permission on AccessForbiddenException#416
rogersteblerbsi wants to merge 1 commit into
releases/26.2from
features/rsb/26.2/326455_errorCode

Conversation

@rogersteblerbsi

@rogersteblerbsi rogersteblerbsi commented Jun 29, 2026

Copy link
Copy Markdown
Member

On a permission check an AccessForbiddenException is thrown. A message is shown to the user with a message like "You are not authorized to execute this action". But the user does not know which permission is missing.

This change adds an error code to the error popup on an AccessForbiddenException to give the user a hint which permission is missing.

326455

@rogersteblerbsi rogersteblerbsi self-assigned this Jun 29, 2026
matthiaso
matthiaso approved these changes Jun 30, 2026
View reviewed changes
Comment thread ...eclipse.scout.docs.snippets/src/main/java/org/eclipse/scout/docs/snippets/AccessSnippet.java
throw new AccessForbiddenException(TEXTS.get("YouAreNotAllowedToReadThisData"));
if (!ACCESS.check(new ReadCompanyPermission())) { // <1>
throw new AccessForbiddenException(TEXTS.get("YouAreNotAllowedToReadThisData"))
.withPermission(ReadCompanyPermission.class);

@matthiaso matthiaso Jun 30, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe also change documentation here:

scout.docs/docs/modules/technical-guide/pages/common-concepts/security.adoc

Lines 186 to 193 in 2f4d9af

[source,java,indent=0]
----
include::common:example$org.eclipse.scout.docs.snippets/src/main/java/org/eclipse/scout/docs/snippets/AccessSnippet.java[tags=ACCESS_A]
----
<1> Checks permission against granted permissions of current user.
<2> Checks permission and if this check fails, throw an `AccessForbiddenException` with a default message.
We can define a default access check failed message for a permission.

And add migration notes for users?

@rogersteblerbsi
Show info about missing permission on AccessForbiddenException
ee34f98 
On a permission check an AccessForbiddenException is thrown. A message
is shown to the user with a message like "You are not authorized to
execute this action". But the user does not know which permission is
missing.

This change adds an error code to the error popup on an
AccessForbiddenException to give the user a hint which permission
is missing.

326455
@rogersteblerbsi rogersteblerbsi force-pushed the features/rsb/26.2/326455_errorCode branch from cfdc72a to ee34f98 Compare June 30, 2026 12:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@matthiaso matthiaso matthiaso approved these changes

Assignees

@rogersteblerbsi rogersteblerbsi

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rogersteblerbsi @matthiaso