OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

[Workbench] Problem of management of access #8961

Open Lhorus6 opened 3 weeks ago

Lhorus6 commented 3 weeks ago

Description

Problem: If I am a "read only" user (e.g. only the "Access knowledge" capability), I can still see the workbenches created by other users in the Data tabs of the entities. However, if I click on them to open them, I am thrown out (back to the login page) without any information.

Environment

OCTI 6.3.11

Reproducible Steps

Steps to create the smallest reproducible scenario:

  1. With an admin user, create a report A, import a PDF in report A's Data tab, and generate a workbench (if it has not been generated automatically).
  2. Create a user B with all markings allowed and only the "Access knowledge" capability.
  3. Log in with user B.
  4. Go to report A's Data tab.
  5. Click on the workbench.

Expected Output

Ideas:

In any case, do not throw me out without information

nino-filigran commented 2 weeks ago

I agree, it's an ugly way to handle the situation. For me, we should allow access but not validate (3rd option).
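The two behaviours discussed in this thread (the listing showing a workbench the user cannot open, and "allow access but not validate" for a read-only user) come down to one authorization decision that must distinguish "no session" from "session without the needed capability", and must be applied the same way when listing and when opening. The block below is an added illustration, not OpenCTI's code: the capability names (`ACCESS_KNOWLEDGE`, `VALIDATE_WORKBENCH`), the marking values and the users are constructed placeholders, and only a missing session ever maps to a 401 (login redirect); a missing capability maps to a 403 with a message, so the session is kept.

```javascript
// Added example (not OpenCTI's code): one authorization decision for workbenches,
// reused for listing, viewing and validating, so that a read-only user never sees
// an entry that will log them out when opened. All names and data are constructed.

const CAP_ACCESS_KNOWLEDGE = 'ACCESS_KNOWLEDGE';     // placeholder for "Access knowledge"
const CAP_VALIDATE_WORKBENCH = 'VALIDATE_WORKBENCH'; // placeholder for the right to validate/import

// Outcomes the transport layer maps to HTTP statuses or UI states.
const Decision = Object.freeze({
  UNAUTHENTICATED: 'unauthenticated', // no valid session: redirecting to login is correct here
  FORBIDDEN: 'forbidden',             // valid session but missing capability: keep session, show why
  ALLOW: 'allow',
});

function hasCapability(user, capability) {
  return Array.isArray(user.capabilities) && user.capabilities.includes(capability);
}

// Every marking on the workbench must be within the user's allowed markings.
function canSeeMarkings(user, workbench) {
  const allowed = new Set(user.allowedMarkings || []);
  return (workbench.markings || []).every((m) => allowed.has(m));
}

// Decide whether `user` may perform `action` ('view' | 'validate') on `workbench`.
// Returns a decision plus a human-readable reason the UI can display on denial.
function authorizeWorkbench(user, workbench, action) {
  if (!user) {
    return { decision: Decision.UNAUTHENTICATED, reason: 'No authenticated session' };
  }
  if (!hasCapability(user, CAP_ACCESS_KNOWLEDGE) || !canSeeMarkings(user, workbench)) {
    return { decision: Decision.FORBIDDEN, reason: 'You do not have access to this workbench' };
  }
  if (action === 'validate' && !hasCapability(user, CAP_VALIDATE_WORKBENCH)) {
    return {
      decision: Decision.FORBIDDEN,
      reason: 'Read-only access: validating a workbench requires an additional capability',
    };
  }
  return { decision: Decision.ALLOW, reason: null };
}

// Listing applies the same 'view' check as opening, so the list never advertises
// something the user cannot open.
function listVisibleWorkbenches(user, workbenches) {
  return workbenches.filter(
    (wb) => authorizeWorkbench(user, wb, 'view').decision === Decision.ALLOW,
  );
}

// Only UNAUTHENTICATED becomes 401; a capability problem is a 403, never a logout.
function toHttpStatus(result) {
  switch (result.decision) {
    case Decision.ALLOW: return 200;
    case Decision.FORBIDDEN: return 403;
    default: return 401;
  }
}

// Constructed data mirroring the report: an admin-created workbench and a read-only user B.
const workbenchA = { id: 'wb-A', markings: ['TLP:AMBER'] };
const workbenchRestricted = { id: 'wb-restricted', markings: ['TLP:AMBER', 'CUSTOM:EYES-ONLY'] };
const userB = {
  name: 'B',
  capabilities: [CAP_ACCESS_KNOWLEDGE],
  allowedMarkings: ['TLP:AMBER', 'TLP:RED'],
};
const admin = {
  name: 'admin',
  capabilities: [CAP_ACCESS_KNOWLEDGE, CAP_VALIDATE_WORKBENCH],
  allowedMarkings: ['TLP:AMBER', 'TLP:RED', 'CUSTOM:EYES-ONLY'],
};

// Demo run: B can view wb-A but not validate it; B never sees wb-restricted; no session gives 401.
console.log('B view wb-A:', authorizeWorkbench(userB, workbenchA, 'view'));
console.log('B validate wb-A:', authorizeWorkbench(userB, workbenchA, 'validate'));
console.log('B sees:', listVisibleWorkbenches(userB, [workbenchA, workbenchRestricted]).map((w) => w.id));
console.log('admin sees:', listVisibleWorkbenches(admin, [workbenchA, workbenchRestricted]).map((w) => w.id));
console.log('no session status:', toHttpStatus(authorizeWorkbench(null, workbenchA, 'view')));
```

The design point is that the marking filter and the capability check live in one function that both the list query and the open/validate operations call; if listing used a looser filter than opening, the list would leak the existence of workbenches the user cannot read, and if a 403 were handled like a 401 the client would drop a perfectly valid session.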