The policy checks if a label intended for a new annotation belongs to a label tree that is attached to the project(s) of the file. If this is not the case, the user now just receives a cryptic "unauthorized" response. This should be improved with a more helpful error message. Use Response::deny() for this with the message: "You are not authorized to use label xxx because the label tree is not attached to the project."
Maybe we should look through the other policies if there are other places where we could improve error messages.
https://github.com/biigle/core/blob/5f6861a69eef53fa1e22b77be8e0d2c1e2231ccf/app/Policies/AnnotationPolicy.php#L124-L128
The policy checks if a label intended for a new annotation belongs to a label tree that is attached to the project(s) of the file. If this is not the case, the user now just receives a cryptic "unauthorized" response. This should be improved with a more helpful error message. Use
Response::deny()
for this with the message: "You are not authorized to use label xxx because the label tree is not attached to the project."Maybe we should look through the other policies if there are other places where we could improve error messages.