BookStack icon indicating copy to clipboard operation
BookStack copied to clipboard
verified publisher icon BookStackApp

Deleting a revision when lacking permissions kicks you back to far

Open Mailstorm-ctrl opened this issue 3 years ago • 0 comments

Describe the Bug

If you use an account that is allowed to view revisions but does not have the permission to delete revisions then attempt to delete a revision, you will be knocked back to the homepage.

This isn't that big of a deal but it is quite a shock from a user standpoint. Ideally you just get a message that says you don't have permission and then does nothing.

Steps to Reproduce

  1. Have a role that can read/view a book/shelf/whatever
  2. Have that same role not able to delete entity from step 1
  3. Be signed in as a user with the above role properties
  4. Look at revisions for page.
  5. Attempt to delete a revision.

Expected Behaviour

Just a "No permission to do that" error. NOT a kickback to the homepage.

Screenshots or Additional Context

No response

Browser Details

No response

Exact BookStack Version

22.09

PHP Version

No response

Hosting Environment

Ubuntu 20.04 LTS

Mailstorm-ctrl avatar Sep 14 '22 01:09 Mailstorm-ctrl