Bug: Operational user "Users" dashboard link is clickable, but throws 403 error when clicked due to inadequate authorization

sfbrigade / bats-server

Routed is an app to help ambulances direct non-critical patients to hospital emergency rooms with the most availability.

https://routedapp.org/

GNU Affero General Public License v3.0

18 stars 11 forks source link

Bug: Operational user "Users" dashboard link is clickable, but throws 403 error when clicked due to inadequate authorization #327

Open pnilan opened 9 months ago

pnilan commented 9 months ago

Issue

A non-adminstrative and non-superuser will be redirected to dashboard after successful login. The use can see and click on the "users" dashboard link which then throws a 403 error due to inadequate permissions.