cofoundry icon indicating copy to clipboard operation
cofoundry copied to clipboard

Published 20 hours ago verified publisher icon cofoundry-cms

Improved default handling of PermissionValidationFailedException

Open JornWildt opened this issue 3 years ago • 1 comments

If I show a list of entity view models and use the standard query mechanism, then it will throw PermissionValidationFailedException if the end user does not have access to the items. That is fine.

Unfortunately there is no default handling stating "You do not have access to this page". All I get is a message and a stack trace:

PermissionValidationFailedException: Permission Validation Check Failed. Permission Type: Cofoundry.Domain.CustomEntityReadPermission. UserId:

Cofoundry.Domain.Internal.PermissionValidationService.EnforcePermission(IPermissionApplication permission, IUserContext userContext)
Cofoundry.Domain.Internal.PermissionValidationService.EnforcePermission(IEnumerable<IPermissionApplication> permissions, IUserContext userContext)
Cofoundry.Domain.Internal.ExecutePermissionValidationService.Validate<TQuery, TResult>(TQuery query, IAsyncQueryHandler<TQuery, TResult> queryHandler, IExecutionContext executionContext)
Cofoundry.Domain.CQS.Internal.QueryExecutor.ExecuteQueryAsync<TQuery, TResult>(TQuery query, IExecutionContext executionContext)
Cofoundry.Domain.CQS.Internal.QueryExecutor.ExecuteAsync<TResult>(IQuery<TResult> query, IExecutionContext executionContext)
Cofoundry.Domain.CQS.Internal.QueryExecutor.ExecuteAsync<TResult>(IQuery<TResult> query)

JornWildt avatar Mar 13 '21 22:03 JornWildt

We should be able to catch the error and redirect to the 403 custom error page.

HeyJoel avatar Mar 14 '21 20:03 HeyJoel