Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove token from URL if identified as less privileged as a user token #8140

Open
MichaelBuessemeyer opened this issue Oct 22, 2024 · 0 comments
Open

Remove token from URL if identified as less privileged as a user token #8140

MichaelBuessemeyer opened this issue Oct 22, 2024 · 0 comments
Labels
enhancement frontend

Comments

@MichaelBuessemeyer
Copy link
Contributor

When sending a backend request with an insufficient token taken from the annotation URL the frontend now retries to use the user's personal token instead. Upon successful request, the frontend now only remembers not to use the token from the URL again. But it would be better if the token would be fully removed from the URL.

The reason is why this was not initially implemented this way is due to newly created cyclic dependencies: Check #8139 (comment)

Detailed Description

Context

In case a user opens an annotation with an outdated token or the user itself has permissions to update the annotation but not the token, each first time the frontend notices that it should use the user token an error toast is shown to the user.

To avoid this same behaviour over and over again after each page reload, the insufficient token should be removed from the URL. (IMO)

Other related links:
#7309 and PR that "fixes" this behaviour #8139
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement frontend
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MichaelBuessemeyer