Restrict page visibility based on membership

gabestein commented 2 months ago

Motivation

So users can only navigate—and see links to—pages that they are capable by way of community membership.

Requirements

Modify pages so that non-community-level admins cannot access:

Stage Editor
Types
Fields
Forms
Integrations
Members
Settings

In addition, modify the pub page such that only community admins and members with explicit pub membership can see or access it.

When a user navigates to a page that they do not have access to, they should be redirected to a new Unauthorized page with generic error text. This page should have the side navigation visible so users can navigate away from the 403 page.

Acceptance Criteria

Out of scope: hide options from sidebar that user doesn't have access to.
Out of scope: fixing the issue where contributors can access the workflows and integrations pages for communities are not a member of.
The pages listed in the requirements should only be visible if the user has editCommunity capability.
Uses functions implemented in #671.
End-to-end tests that assert that pages are only visible in the sidebar AND accessible when the above conditions are met.
Side navigation is visible on the unauthorized page.
Unauthorized page returns an HTTP 403 status code.

kalilsn commented 2 weeks ago

What should we show users when they navigate to a page that they're not authorized to see? IMO this is a good time to add a 403 error page

3mcd commented 2 weeks ago

@kalilsn I'll update the requirements to reflect a redirect to a new 403 page. I don't think the contents of the page matter that much right now. Sound right?

kalilsn commented 2 weeks ago

Yeah, I think we can just render the sidebar and some kind of error text in the main page so that users can keep navigating. And we should probably call out the issue where contributors (so anyone who has been invited to fill out a form) can access the workflows and integrations pages in communities they are not a member of.

gabestein commented 2 weeks ago

Yeah, that seems fine for now. I should also note that @tefkah is working on replacing the sidebar with ShadCN, which will make this easier, so it's fine to just do the errors for now.

kalilsn commented 2 weeks ago

Out of scope: fixing the issue where contributors can access the workflows and integrations pages for communitiesthey are not a member of.

I meant that should be in scope probably! But if there's another issue that covers it that's great too!

gabestein commented 19 hours ago

@kalilsn sorry I missed that one. @3mcd if this hasn't been done yet, let's add that back to the scope?

pubpub / platform