Closed maltfield closed 5 months ago
Ah, good catch - you're exactly right, by default new users aren't marked as trusted yet, and this is a case that isn't handled yet. Will poke.
BTW, your own account has been marked as trusted for a while, so you should no longer be hitting this.
I figured it'd be nicer to just hide the button (as we do for the other upload button) until the user is trusted, so they don't try to upload only to be hit by an error message. So that's what I've done for now.
Bug: Currently if the user doesn't have permission to upload files to lib.reviews, it incorrectly gives the following error
Problem
If a user that doesn't have permission to upload a file attempts to upload a file, then the website UI gives them a misleading error message.
But, in fact, if you open the browser debugger then you can see a request to upload the file to
https://lib.reviews/api/actions/upload
returned a400
error with the following JSON responseSteps to reproduce
Review
input textareaUpload and insert media
buttonSelect file
description
input textareaThis file is my own work. I agree to release it under the CC-BY-SA license.
Start upload
Solution
If the server returns an error because the user doesn't have permission to upload the files, then the UI should output an error message that very clearly indicates that this is a permission issue.
Ideally, it would literally include the contents of the
errors
key that's returned by the server. For example, the UI should say