#2320 Redirect to OpenID login if an anonymous user tries to access private tickets
Closed: Fixed 6 years ago Opened 6 years ago by robyduck.

Actually if a user is not logged into pagure and tries to access a private ticket from an email or an external URL, he will get a "Forbidden" white page, teling him he is not allowed to access this ticket.

Instead of doing that, people should get redirected to Ipsilon, where they can login and then:
get redirected to the private ticket if they have permissions
get redirected to the "Forbidden" page if they don't have permissions

That would make it much clearer and easier for people who "should" have access rights but are not logged to pagure in that specific moment.


Metadata Update from @pingou:
- Issue tagged with: RFE

6 years ago

I think that instead we should just show a "This page could not be found" identical to when the issue doesn't exist, so as to not leak the non-existance of private tickets.

Metadata Update from @pingou:
- Issue assigned to pingou

6 years ago

Login to comment on this ticket.

Metadata