503920 - When clicking on a diff link in an email notification, no credentials are asked and the platform denies access

Status: VERIFIED FIXED

(support.mozilla.org :: Knowledge Base Software, task)

Description

[Underpass]

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; it; rv:1.9.1) Gecko/20090624 Firefox/3.5
Build Identifier: 

I tried to be as clear as possible in the summary, but this is what happens: when monitoring an article, you often receive email notifications about article changes. These email messages contain links to diffs, like

https://support.mozilla.com/tiki-pagehistory.php?page=Firefox%20crashes&compare=1&oldver=73&newver=74&diff_style=minsidediff

If you are not already logged in SUMO and click on one of these links, the system simply denies access to the page history, saying that you are not authorized to see it.

At this point you have to click on the "Log in" link and insert credentials to finally see the page history.

I think it would be better if credentials are asked when clicking on one of those links to diffs, just like happens when accessing an article located in the staging area.

Reproducible: Always

Comment 1

[Paul Craciunoiu [:paulc]]

Attachment: patch, v1

Setting $errortype brings up the login form.

Comment 2

[Paul Craciunoiu [:paulc]]

r30139 / r30140

Comment 3

[krupa raj[:krupa]]

Now user is prompted to log in.verified using the link-
https://support-stage.mozilla.org/tiki-pagehistory.php?page=ohyesIdid&compare=1&oldver=2&newver=3&diff_style=minsidediff

Bug 505493 was filed about the inaccurate user message.

Marking this verified

Comment 4

[Louis-Philippe Huberdeau]

Fixed already. However, code 401 is used instead, which will show the login box if $prefs.permission_denied_login_box is enabled.