Home Original page

Fix Unauthorized Message Issue for Users with Project Permissions Creating Scripts by sanjacornelius · Pull Request #5679 · ProcessMaker/processmaker

This PR resolves an issue where users with only Project Permissions encountered an Unauthorized message when creating a script in their project and being redirected to the script builder page.

The problem was traced to the script builder endpoint not being included as an allowed endpoint for users with the create-projects permission. The solution includes adding the script builder endpoint designer/scripts to the allowedEndpoints array for users with the create-projects permission.

Solution

  • Included the script builder endpoint designer/scripts in the allowedEndpoints array for users with the 'create-projects' permission.

How to Test

  1. Create a user with only Project Permissions.
  2. Log in as that user.
  3. Create a project.
  4. Within the project, select the '+ Asset' button and create a new script.
  5. Confirm that after creating the script, you are redirected to the script builder page without encountering errors.
  6. Navigate back to the project you created.
  7. Select the script title.
  8. Ensure that after selecting, you are redirected to the script builder page without encountering error

Related Tickets & Packages

ci:next

Code Review Checklist

  • I have pulled this code locally and tested it on my instance, along with any associated packages.
  • This code adheres to ProcessMaker Coding Guidelines.
  • This code includes a unit test or an E2E test that tests its functionality, or is covered by an existing test.
  • This solution fixes the bug reported in the original ticket.
  • This solution does not alter the expected output of a component in a way that would break existing Processes.
  • This solution does not implement any breaking changes that would invalidate documentation or cause existing Processes to fail.
  • This solution has been tested with enterprise packages that rely on its functionality and does not introduce bugs in those packages.
  • This code does not duplicate functionality that already exists in the framework or in ProcessMaker.
  • This ticket conforms to the PRD associated with this part of ProcessMaker.