Affects Version/s: 7.2.X, Master
Component/s: Page Templates > Display Page Templates
Branch Version/s:7.3.x, 7.2.x, 7.1.x
Backported to Branch:Committed
Users expect the same behavior visiting contents via its friendlyURL than visiting pages without the view permission. Mainly because the users could don't know if they are visiting a content or other type of page when they are navigating.
So, content having a friendlyURL and an associated display page, if the user is not signed into the portal and does not have view permissions, the login option should be available, just like the portal behaves with type portlet pages.
The current behavior is very confuse and inconsistent, also, you are getting and 200 ok, and a message saying that you are not allowed to view the content, when you asked for a page in the navigator.
Steps to reproduce:
- Create a Display page template for web content, basic web content, publish it and set as the default display page
- Add some fragments mapping the title and the content fields of the web content.
- Create a basic web content with the following fields:
title: this is a web content
content: this is a web content
- Edit the "This is a web content" permissions, and set only viewable by the owner and the site member (remove all permissions for guest)
- Sign-out and go to: http://localhost:8080/web/guest/-/this-is-a-content
Expected: You view the login prompt, and after signed into the portal you are redirected to the display page with the content.
Observed: 200 ok - but a page with an error message regarding permissions
Final solution to implement: To maintain the current behavior and do not redirect to the login, this is because currently we are going to considere this kind of pages as public and accessible by guest. However, the error message is going to be more specific: "You do not have the required permissions to view the content of this page" and a Http Status Code 401 or 403 for guest users or
signed users respectively, if they are not allowed to view the Asset/Content.