From 9233c5af15de126fd9f6eb53bdf0f255ab8c257d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=20Jeaurond?= <benoit@jeaurond.dev>
Date: Fri, 14 Jun 2024 17:16:25 -0400
Subject: [PATCH] feat: create custom 404 pages and create roles + hide/show UI
 accordingly (#82)

* feat: create custom 404 pages

* feat: add user count in sidenav

* feat: create roles for request/history + hide/show UI related components
---
 backend/auth/src/lib.rs                       |   5 +-
 ...1ac865eb628e6aee419ecb58c8cd8802bcc5.json} |  16 +-
 backend/database/src/logic/stats.rs           |   4 +-
 backend/database/src/schemas/stats.rs         |   4 +
 backend/makefile                              |   2 +-
 backend/server/src/error.rs                   |   5 +-
 .../server/src/routes/requests/execute/get.rs |   5 +
 backend/server/src/routes/requests/get.rs     |  18 ++-
 frontend/src/api/index.ts                     |   5 +
 frontend/src/atoms/auth.ts                    |   2 +-
 frontend/src/components/auth-link.tsx         |  23 +++
 frontend/src/components/auth-visible.tsx      |  23 +++
 frontend/src/components/index.ts              |   4 +
 .../src/components/layouts/authenticated.tsx  |  32 ++--
 frontend/src/components/nav.tsx               | 151 ++++++++++--------
 frontend/src/components/not-found.tsx         |  19 +++
 frontend/src/components/simple-error.tsx      |  70 ++++++++
 frontend/src/components/stats-counter.tsx     |  14 +-
 frontend/src/i18n/en_CA.json                  |   9 ++
 frontend/src/i18n/fr_CA.json                  |   9 ++
 frontend/src/lib/auth.ts                      |  30 +++-
 frontend/src/navigation/index.tsx             |   2 +
 frontend/src/routes/history/$id.tsx           |   9 +-
 frontend/src/routes/history/index.tsx         |  20 +--
 frontend/src/routes/history/route.tsx         |  15 +-
 frontend/src/routes/index.tsx                 |  74 ++++++---
 frontend/src/routes/lists/$slug.tsx           |  11 +-
 frontend/src/routes/providers/$slug.tsx       |   7 +
 frontend/src/routes/request.tsx               |   2 +-
 frontend/src/routes/sources/$slug.tsx         |   7 +
 frontend/src/routes/users/$id.tsx             |   7 +
 frontend/src/types/backendTypes.ts            |   4 +
 makefile                                      |   4 +-
 33 files changed, 473 insertions(+), 139 deletions(-)
 rename backend/database/.sqlx/{query-f72f903d05b3fff282aeb2b9f1a2281636e5f3168e10d18f8267cc7913ec5738.json => query-f7d8587bafcc9fb8f90457cbc75c1ac865eb628e6aee419ecb58c8cd8802bcc5.json} (77%)
 create mode 100644 frontend/src/components/auth-link.tsx
 create mode 100644 frontend/src/components/auth-visible.tsx
 create mode 100644 frontend/src/components/not-found.tsx
 create mode 100644 frontend/src/components/simple-error.tsx

diff --git a/backend/auth/src/lib.rs b/backend/auth/src/lib.rs
index 9541ed2..4c51ae7 100644
--- a/backend/auth/src/lib.rs
+++ b/backend/auth/src/lib.rs
@@ -11,10 +11,11 @@ use rand::{thread_rng, Rng};
 
 use error::{Error, Result};
 
-pub fn require_roles(user_roles: &[&str], required_roles: &[&str]) -> Result<()> {
+pub fn require_roles(user_roles: &[String], required_roles: &[&str]) -> Result<()> {
     let missing_roles = required_roles
         .iter()
-        .filter(|role| !user_roles.contains(role))
+        // TODO: rework this to not need to convert to string
+        .filter(|role| !user_roles.contains(&role.to_string()))
         .map(|role| role.to_string())
         .collect::<Vec<_>>();
 
diff --git a/backend/database/.sqlx/query-f72f903d05b3fff282aeb2b9f1a2281636e5f3168e10d18f8267cc7913ec5738.json b/backend/database/.sqlx/query-f7d8587bafcc9fb8f90457cbc75c1ac865eb628e6aee419ecb58c8cd8802bcc5.json
similarity index 77%
rename from backend/database/.sqlx/query-f72f903d05b3fff282aeb2b9f1a2281636e5f3168e10d18f8267cc7913ec5738.json
rename to backend/database/.sqlx/query-f7d8587bafcc9fb8f90457cbc75c1ac865eb628e6aee419ecb58c8cd8802bcc5.json
index 7189e27..daae874 100644
--- a/backend/database/.sqlx/query-f72f903d05b3fff282aeb2b9f1a2281636e5f3168e10d18f8267cc7913ec5738.json
+++ b/backend/database/.sqlx/query-f7d8587bafcc9fb8f90457cbc75c1ac865eb628e6aee419ecb58c8cd8802bcc5.json
@@ -1,6 +1,6 @@
 {
   "db_name": "PostgreSQL",
-  "query": "SELECT\n(SELECT count(*) FROM requests)::int as \"history!\",\n(SELECT count(*)::int FROM requests WHERE created_at > NOW() - INTERVAL '24 hours') as \"history_last_24hrs!\",\n(SELECT count(*) FROM providers)::int as \"providers!\",\n(SELECT count(*)::int FROM providers WHERE enabled)::int as \"enabled_providers!\",\n(SELECT count(*) FROM sources)::int as \"sources!\",\n(SELECT count(*)::int FROM sources WHERE enabled)::int as \"enabled_sources!\",\n(SELECT count(*) FROM ignore_lists)::int as \"ignore_lists!\",\n(SELECT count(*)::int FROM ignore_lists WHERE enabled)::int as \"enabled_ignore_lists!\"\n        ",
+  "query": "SELECT\n(SELECT count(*) FROM requests)::int as \"history!\",\n(SELECT count(*)::int FROM requests WHERE created_at > NOW() - INTERVAL '24 hours') as \"history_last_24hrs!\",\n(SELECT count(*) FROM providers)::int as \"providers!\",\n(SELECT count(*)::int FROM providers WHERE enabled)::int as \"enabled_providers!\",\n(SELECT count(*) FROM sources)::int as \"sources!\",\n(SELECT count(*)::int FROM sources WHERE enabled)::int as \"enabled_sources!\",\n(SELECT count(*) FROM ignore_lists)::int as \"ignore_lists!\",\n(SELECT count(*)::int FROM ignore_lists WHERE enabled)::int as \"enabled_ignore_lists!\",\n(SELECT count(*) FROM users)::int as \"users!\",\n(SELECT count(*)::int FROM users WHERE enabled)::int as \"enabled_users!\"\n        ",
   "describe": {
     "columns": [
       {
@@ -42,6 +42,16 @@
         "ordinal": 7,
         "name": "enabled_ignore_lists!",
         "type_info": "Int4"
+      },
+      {
+        "ordinal": 8,
+        "name": "users!",
+        "type_info": "Int4"
+      },
+      {
+        "ordinal": 9,
+        "name": "enabled_users!",
+        "type_info": "Int4"
       }
     ],
     "parameters": {
@@ -55,8 +65,10 @@
       null,
       null,
       null,
+      null,
+      null,
       null
     ]
   },
-  "hash": "f72f903d05b3fff282aeb2b9f1a2281636e5f3168e10d18f8267cc7913ec5738"
+  "hash": "f7d8587bafcc9fb8f90457cbc75c1ac865eb628e6aee419ecb58c8cd8802bcc5"
 }
diff --git a/backend/database/src/logic/stats.rs b/backend/database/src/logic/stats.rs
index fd800c1..0e005fc 100644
--- a/backend/database/src/logic/stats.rs
+++ b/backend/database/src/logic/stats.rs
@@ -15,7 +15,9 @@ pub async fn count(pool: &PgPool) -> Result<Count> {
 (SELECT count(*) FROM sources)::int as "sources!",
 (SELECT count(*)::int FROM sources WHERE enabled)::int as "enabled_sources!",
 (SELECT count(*) FROM ignore_lists)::int as "ignore_lists!",
-(SELECT count(*)::int FROM ignore_lists WHERE enabled)::int as "enabled_ignore_lists!"
+(SELECT count(*)::int FROM ignore_lists WHERE enabled)::int as "enabled_ignore_lists!",
+(SELECT count(*) FROM users)::int as "users!",
+(SELECT count(*)::int FROM users WHERE enabled)::int as "enabled_users!"
         "#
     )
     .fetch_one(pool)
diff --git a/backend/database/src/schemas/stats.rs b/backend/database/src/schemas/stats.rs
index 793b798..8614463 100644
--- a/backend/database/src/schemas/stats.rs
+++ b/backend/database/src/schemas/stats.rs
@@ -25,6 +25,10 @@ pub struct Count {
     pub ignore_lists: i32,
     /// Number of enabled indicators
     pub enabled_ignore_lists: i32,
+    /// Number of users
+    pub users: i32,
+    /// Number of enabled users
+    pub enabled_users: i32,
 }
 
 /// A stats helper container for getting a count based on an ID or name of an object
diff --git a/backend/makefile b/backend/makefile
index 6044fa3..1408e11 100644
--- a/backend/makefile
+++ b/backend/makefile
@@ -1,4 +1,4 @@
-reset-db:
+db-reset:
 	./scripts/reset_db.sh && make gen-types
 
 gen-types:
diff --git a/backend/server/src/error.rs b/backend/server/src/error.rs
index 21bd24f..7ae537e 100644
--- a/backend/server/src/error.rs
+++ b/backend/server/src/error.rs
@@ -38,6 +38,7 @@ pub enum Error {
     PasswordHash(shared::crypto::PasswordHashError),
     InvalidCredentials,
     DisabledUser,
+    Forbidden,
 }
 
 impl std::error::Error for Error {}
@@ -110,7 +111,7 @@ impl From<auth::error::Error> for Error {
         match error {
             auth::error::Error::Database(err) => Self::SqlxError(err),
             auth::error::Error::Unauthorized(_) => Self::Unauthorized,
-            auth::error::Error::MissingRoles(_) => Self::Unauthorized,
+            auth::error::Error::MissingRoles(_) => Self::Forbidden,
             auth::error::Error::BadRequest(err) => Self::BadRequest(err),
             auth::error::Error::SerdeJson(_) => Self::InternalError,
             auth::error::Error::Reqwest(err) => Self::Reqwest(err),
@@ -150,6 +151,8 @@ impl IntoResponse for Error {
             Self::DisabledUser => {
                 (StatusCode::UNAUTHORIZED, "Your account is disabled").into_response()
             }
+            Self::NotFound => StatusCode::NOT_FOUND.into_response(),
+            Self::Forbidden => StatusCode::FORBIDDEN.into_response(),
             _ => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
         }
     }
diff --git a/backend/server/src/routes/requests/execute/get.rs b/backend/server/src/routes/requests/execute/get.rs
index 9f4b180..64334d8 100644
--- a/backend/server/src/routes/requests/execute/get.rs
+++ b/backend/server/src/routes/requests/execute/get.rs
@@ -1,3 +1,4 @@
+use auth::require_roles;
 use axum::{
     extract::State,
     response::{
@@ -34,6 +35,8 @@ pub async fn request(
     Extension(user): Extension<User>,
     Query(request): Query<RequestExecuteParam>,
 ) -> Result<impl IntoResponse> {
+    require_roles(&user.roles, &["request_create"])?;
+
     let should_ignore_errors = request.ignore_errors;
 
     let mut data = handle_indicator_request(&request, &state, &user.id).await?;
@@ -87,6 +90,8 @@ pub async fn sse_handler(
     Extension(user): Extension<User>,
     Query(request): Query<RequestExecuteParam>,
 ) -> Result<impl IntoResponse> {
+    require_roles(&user.roles, &["request_create"])?;
+
     let should_ignore_errors = request.ignore_errors;
     let source_ids = request.source_ids.clone();
     let indicator: Indicator = request.into();
diff --git a/backend/server/src/routes/requests/get.rs b/backend/server/src/routes/requests/get.rs
index afc0897..e6a6001 100644
--- a/backend/server/src/routes/requests/get.rs
+++ b/backend/server/src/routes/requests/get.rs
@@ -1,9 +1,10 @@
+use auth::require_roles;
 use axum::{
     extract::{Path, State},
     response::IntoResponse,
-    Json,
+    Extension, Json,
 };
-use database::{logic::requests, PgPool};
+use database::{logic::requests, schemas::users::User, PgPool};
 
 use crate::{Error, Result};
 
@@ -16,7 +17,12 @@ use crate::{Error, Result};
         (status = 200, description = "List of requests", body = [Request]),
     )
 )]
-pub async fn get_requests(State(pool): State<PgPool>) -> Result<impl IntoResponse> {
+pub async fn get_requests(
+    Extension(user): Extension<User>,
+    State(pool): State<PgPool>,
+) -> Result<impl IntoResponse> {
+    require_roles(&user.roles, &["request_view"])?;
+
     let requests = requests::get_requests(&pool).await?;
 
     Ok(Json(requests))
@@ -36,9 +42,12 @@ pub async fn get_requests(State(pool): State<PgPool>) -> Result<impl IntoRespons
     )
 )]
 pub async fn get_request(
+    Extension(user): Extension<User>,
     State(pool): State<PgPool>,
     Path(request_id): Path<String>,
 ) -> Result<impl IntoResponse> {
+    require_roles(&user.roles, &["request_view"])?;
+
     let request = requests::get_request(&pool, &request_id)
         .await?
         .ok_or(Error::NotFound)?;
@@ -59,9 +68,12 @@ pub async fn get_request(
     )
 )]
 pub async fn get_request_data(
+    Extension(user): Extension<User>,
     State(pool): State<PgPool>,
     Path(request_id): Path<String>,
 ) -> Result<impl IntoResponse> {
+    require_roles(&user.roles, &["request_view"])?;
+
     let request_data = requests::get_request_source_requests(&pool, &request_id).await?;
 
     Ok(Json(request_data))
diff --git a/frontend/src/api/index.ts b/frontend/src/api/index.ts
index 19bd615..bee41d3 100644
--- a/frontend/src/api/index.ts
+++ b/frontend/src/api/index.ts
@@ -1,4 +1,5 @@
 import { toast } from "sonner";
+import { notFound } from "@tanstack/react-router";
 
 import config from "@/lib/config";
 import { store } from "@/atoms";
@@ -53,6 +54,10 @@ const axiosKiller = async <T>(
     keepalive: true,
   });
 
+  if (response.status === 404) {
+    throw notFound();
+  }
+
   if (!response.ok) {
     const text = await response.text();
 
diff --git a/frontend/src/atoms/auth.ts b/frontend/src/atoms/auth.ts
index f101843..8e6bbc5 100644
--- a/frontend/src/atoms/auth.ts
+++ b/frontend/src/atoms/auth.ts
@@ -1,6 +1,6 @@
 import { atomWithLocalStorage } from "@/atoms";
 
-interface User {
+export interface User {
   id: string;
   email: string;
   name: string;
diff --git a/frontend/src/components/auth-link.tsx b/frontend/src/components/auth-link.tsx
new file mode 100644
index 0000000..2d2b5ab
--- /dev/null
+++ b/frontend/src/components/auth-link.tsx
@@ -0,0 +1,23 @@
+import { Link, LinkProps } from "@tanstack/react-router";
+import { useAtomValue } from "jotai";
+
+import { userAtom } from "@/atoms/auth";
+import { userHasRoles } from "@/lib/auth";
+
+interface Props
+  extends LinkProps,
+    Pick<React.HTMLAttributes<HTMLAnchorElement>, "title"> {
+  roles?: string[];
+}
+
+const AuthLink: React.FC<Props> = ({ roles = [], ...props }) => {
+  const user = useAtomValue(userAtom);
+
+  if (user && !userHasRoles(user, roles)) {
+    return <>{props.children}</>;
+  }
+
+  return <Link {...props} />;
+};
+
+export default AuthLink;
diff --git a/frontend/src/components/auth-visible.tsx b/frontend/src/components/auth-visible.tsx
new file mode 100644
index 0000000..c0b0e82
--- /dev/null
+++ b/frontend/src/components/auth-visible.tsx
@@ -0,0 +1,23 @@
+import { useAtomValue } from "jotai";
+
+import { userAtom } from "@/atoms/auth";
+import { userHasRoles } from "@/lib/auth";
+
+interface Props {
+  roles: string[];
+}
+
+const AuthVisible: React.FC<React.PropsWithChildren<Props>> = ({
+  roles,
+  children,
+}) => {
+  const user = useAtomValue(userAtom);
+
+  if (user && !userHasRoles(user, roles)) {
+    return null;
+  }
+
+  return children;
+};
+
+export default AuthVisible;
diff --git a/frontend/src/components/index.ts b/frontend/src/components/index.ts
index 3a7e205..ec2c2f5 100644
--- a/frontend/src/components/index.ts
+++ b/frontend/src/components/index.ts
@@ -4,6 +4,8 @@ export * as Layouts from "./layouts";
 export * as SearchResults from "./search-results";
 
 export { default as ApiTokensTable } from "./api-tokens-table";
+export { default as AuthLink } from "./auth-link";
+export { default as AuthVisible } from "./auth-visible";
 export { default as AutoAnimate } from "./auto-animate";
 export { default as Code } from "./code";
 export { default as CopyButton } from "./copy-button";
@@ -18,11 +20,13 @@ export { default as GeneralServerConfig } from "./general-server-config";
 export { default as GenericPanelSearch } from "./generic-panel-search";
 export { default as MaskValue } from "./mask-value";
 export { default as Nav } from "./nav";
+export { default as NotFound } from "./not-found";
 export { default as RawContent } from "./raw-content";
 export { default as RequestDataView } from "./request-data-view";
 export { default as RunnerStatus } from "./runner-status";
 export { default as SecretsTable } from "./secrets-table";
 export { default as SectionPanelHeader } from "./section-panel-header";
+export { default as SimpleError } from "./simple-error";
 export { default as StackedAreaChart } from "./stacked-area-chart";
 export { default as StatsCounter } from "./stats-counter";
 export { default as TitleEntryCount } from "./title-entry-count";
diff --git a/frontend/src/components/layouts/authenticated.tsx b/frontend/src/components/layouts/authenticated.tsx
index b33d5bc..84c8290 100644
--- a/frontend/src/components/layouts/authenticated.tsx
+++ b/frontend/src/components/layouts/authenticated.tsx
@@ -44,6 +44,7 @@ import config from "@/lib/config";
 import { useWindowWidth } from "@/hooks/useWindowWidth";
 import { userAtom } from "@/atoms/auth";
 import { useTranslation } from "@/i18n";
+import { userHasAnyRoles } from "@/lib/auth";
 
 type Page =
   | "home"
@@ -61,7 +62,7 @@ export const Layout: React.FC = () => {
   const { location } = useRouterState();
   const [theme, setTheme] = useAtom(themeAtom);
   const windowWidth = useWindowWidth();
-  const auth = useAtomValue(userAtom);
+  const user = useAtomValue(userAtom);
   const { t, toggle, otherLang } = useTranslation();
 
   const statsCount = useSuspenseQuery(statsCountQueryOptions);
@@ -125,6 +126,7 @@ export const Layout: React.FC = () => {
             isCollapsed={isCollapsed}
             links={[
               {
+                roles: ["request_create"],
                 title: t("requests"),
                 icon: Send,
                 to: "/request",
@@ -132,6 +134,7 @@ export const Layout: React.FC = () => {
                 preload: false,
               },
               {
+                roles: ["request_view"],
                 title: t("history"),
                 label: statsCount.data.history,
                 icon: History,
@@ -140,9 +143,11 @@ export const Layout: React.FC = () => {
               },
             ]}
           />
-          <div className={cn("mx-4", isCollapsed && "mx-2")}>
-            <Separator />
-          </div>
+          {userHasAnyRoles(user!, ["request_create", "request_view"]) && (
+            <div className={cn("mx-4", isCollapsed && "mx-2")}>
+              <Separator />
+            </div>
+          )}
           <Nav
             isCollapsed={isCollapsed}
             links={[
@@ -175,18 +180,19 @@ export const Layout: React.FC = () => {
           <Nav
             isCollapsed={isCollapsed}
             links={[
-              {
-                title: t("config"),
-                to: "/config",
-                variant: page === "config" ? "default" : "ghost",
-                icon: Cog,
-              },
               {
                 title: t("users"),
+                label: statsCount.data.users,
                 to: "/users",
                 variant: page === "users" ? "default" : "ghost",
                 icon: Users,
               },
+              {
+                title: t("config"),
+                to: "/config",
+                variant: page === "config" ? "default" : "ghost",
+                icon: Cog,
+              },
             ]}
           />
         </div>
@@ -264,13 +270,13 @@ export const Layout: React.FC = () => {
           >
             <Avatar className="border">
               <AvatarImage alt="@shadcn" />
-              <AvatarFallback>{auth?.initials}</AvatarFallback>
+              <AvatarFallback>{user!.initials}</AvatarFallback>
             </Avatar>
             <div className={cn("flex flex-col", isCollapsed && "hidden")}>
               <span className="block whitespace-nowrap font-semibold">
-                {auth?.name}
+                {user!.name}
               </span>
-              <span className="block text-xs opacity-70">{auth?.email}</span>
+              <span className="block text-xs opacity-70">{user!.email}</span>
             </div>
           </div>
         </div>
diff --git a/frontend/src/components/nav.tsx b/frontend/src/components/nav.tsx
index d5fd16a..ecd4226 100644
--- a/frontend/src/components/nav.tsx
+++ b/frontend/src/components/nav.tsx
@@ -1,5 +1,6 @@
 import { ExternalLinkIcon, LucideIcon } from "lucide-react";
 import { Link, LinkProps } from "@tanstack/react-router";
+import { useAtomValue } from "jotai";
 
 import { cn } from "@/lib/utils";
 import { ButtonProps, buttonVariants } from "@/components/ui/button";
@@ -8,6 +9,8 @@ import {
   TooltipContent,
   TooltipTrigger,
 } from "@/components/ui/tooltip";
+import { userAtom } from "@/atoms/auth";
+import { userHasRoles } from "@/lib/auth";
 
 type BaseNavLinkProps = {
   title: string;
@@ -27,6 +30,7 @@ type ExtraNavLinkProps =
     }
   | {
       to: string;
+      roles?: string[];
       preload?: LinkProps["preload"];
     };
 
@@ -48,81 +52,100 @@ const LinkOrButtonOrExternalLink: React.FC<
     return <a target="_blank" rel="noreferrer noopener" {...props} />;
   }
 
-  return <div {...props} />;
+  return <div {...props} className={cn("cursor-pointer", props.className)} />;
 };
 
-const Nav: React.FC<NavProps> = ({ links, isCollapsed }) => (
-  <div
-    data-collapsed={isCollapsed}
-    className="group flex flex-col gap-4 py-2 data-[collapsed=true]:py-2"
-  >
-    <nav className="grid gap-1 px-2 group-[[data-collapsed=true]]:justify-center group-[[data-collapsed=true]]:px-2">
-      {links.map((link, index) =>
-        isCollapsed ? (
-          <Tooltip key={index}>
-            <TooltipTrigger>
+const Nav: React.FC<NavProps> = ({ links, isCollapsed }) => {
+  const user = useAtomValue(userAtom);
+
+  const canViewAnyLinks = links.some(
+    (link) => !("roles" in link) || userHasRoles(user!, link.roles),
+  );
+
+  if (!canViewAnyLinks) {
+    return null;
+  }
+
+  return (
+    <div
+      data-collapsed={isCollapsed}
+      className="group flex flex-col gap-4 py-2 data-[collapsed=true]:py-2"
+    >
+      <nav className="grid gap-1 px-2 group-[[data-collapsed=true]]:justify-center group-[[data-collapsed=true]]:px-2">
+        {links
+          .filter(
+            (link) => !("roles" in link) || userHasRoles(user!, link.roles),
+          )
+          .map((link, index) =>
+            isCollapsed ? (
+              <Tooltip key={index}>
+                <TooltipTrigger>
+                  <LinkOrButtonOrExternalLink
+                    className={cn(
+                      buttonVariants({
+                        variant: link.variant ?? "ghost",
+                        size: "icon",
+                      }),
+                      "h-9 w-9",
+                      link.variant === "default" &&
+                        "dark:bg-muted dark:text-white dark:hover:bg-muted dark:hover:text-muted-foreground",
+                      "disabled" in link &&
+                        link.disabled &&
+                        "cursor-default opacity-50 hover:bg-transparent hover:text-current",
+                    )}
+                    size="icon"
+                    {...link}
+                  >
+                    <link.icon className="h-4 w-4" />
+                    <span className="sr-only">{link.title}</span>
+                  </LinkOrButtonOrExternalLink>
+                </TooltipTrigger>
+                <TooltipContent
+                  side="right"
+                  className="flex items-center gap-2"
+                >
+                  {link.title}
+                  {link.label !== undefined && (
+                    <span className="ml-auto font-bold">{link.label}</span>
+                  )}
+                </TooltipContent>
+              </Tooltip>
+            ) : (
               <LinkOrButtonOrExternalLink
+                key={index}
                 className={cn(
                   buttonVariants({
                     variant: link.variant ?? "ghost",
-                    size: "icon",
+                    size: "sm",
                   }),
-                  "h-9 w-9",
+                  "h-9 cursor-pointer",
                   link.variant === "default" &&
-                    "dark:bg-muted dark:text-muted-foreground dark:hover:bg-muted dark:hover:text-white",
-                  "disabled" in link &&
-                    link.disabled &&
-                    "cursor-default opacity-50 hover:bg-transparent hover:text-current",
+                    "dark:bg-muted dark:text-white dark:hover:bg-muted dark:hover:text-muted-foreground",
+                  "justify-start",
                 )}
-                size="icon"
                 {...link}
               >
-                <link.icon className="h-4 w-4" />
-                <span className="sr-only">{link.title}</span>
-              </LinkOrButtonOrExternalLink>
-            </TooltipTrigger>
-            <TooltipContent side="right" className="flex items-center gap-2">
-              {link.title}
-              {link.label !== undefined && (
-                <span className="ml-auto font-bold">{link.label}</span>
-              )}
-            </TooltipContent>
-          </Tooltip>
-        ) : (
-          <LinkOrButtonOrExternalLink
-            key={index}
-            className={cn(
-              buttonVariants({
-                variant: link.variant ?? "ghost",
-                size: "sm",
-              }),
-              "h-9 cursor-pointer",
-              link.variant === "default" &&
-                "dark:bg-muted dark:text-white dark:hover:bg-muted dark:hover:text-white",
-              "justify-start",
-            )}
-            {...link}
-          >
-            <link.icon className="mr-2 h-4 w-4" />
-            {link.title}
-            {link.label !== undefined && (
-              <span
-                className={cn(
-                  "ml-auto",
-                  link.variant === "default" && "dark:text-white",
+                <link.icon className="mr-2 h-4 w-4" />
+                {link.title}
+                {link.label !== undefined && (
+                  <span
+                    className={cn(
+                      "ml-auto",
+                      link.variant === "default" && "dark:text-white",
+                    )}
+                  >
+                    {link.label}
+                  </span>
                 )}
-              >
-                {link.label}
-              </span>
-            )}
-            {"href" in link && link.href !== undefined && (
-              <ExternalLinkIcon className="ml-auto" size={14} />
-            )}
-          </LinkOrButtonOrExternalLink>
-        ),
-      )}
-    </nav>
-  </div>
-);
+                {"href" in link && link.href !== undefined && (
+                  <ExternalLinkIcon className="ml-auto" size={14} />
+                )}
+              </LinkOrButtonOrExternalLink>
+            ),
+          )}
+      </nav>
+    </div>
+  );
+};
 
 export default Nav;
diff --git a/frontend/src/components/not-found.tsx b/frontend/src/components/not-found.tsx
new file mode 100644
index 0000000..9be3d41
--- /dev/null
+++ b/frontend/src/components/not-found.tsx
@@ -0,0 +1,19 @@
+import { SimpleError } from "@/components";
+import { TransId } from "@/i18n";
+
+interface Props {
+  title?: TransId;
+  data?: string;
+}
+
+const NotFound: React.FC<Props> = ({ title = "page.not.found", data }) => (
+  <SimpleError
+    emoji="(ಥ﹏ಥ)"
+    title="404"
+    subtitle={title}
+    data={data ?? window.location.pathname}
+    description="page.not.found.description"
+  />
+);
+
+export default NotFound;
diff --git a/frontend/src/components/simple-error.tsx b/frontend/src/components/simple-error.tsx
new file mode 100644
index 0000000..5685407
--- /dev/null
+++ b/frontend/src/components/simple-error.tsx
@@ -0,0 +1,70 @@
+import { ChevronLeft, Home, LogOut } from "lucide-react";
+import { Link } from "@tanstack/react-router";
+
+import { Button } from "@/components/ui/button";
+import { Trans } from "@/components";
+import { TransId } from "@/i18n";
+
+interface Props {
+  emoji?: string;
+  title: string;
+  subtitle: TransId;
+  description: TransId;
+  otherButtons?: React.ReactNode;
+  data?: string;
+}
+
+const SimpleError: React.FC<Props> = ({
+  emoji,
+  title,
+  subtitle,
+  description,
+  otherButtons,
+  data,
+}) => (
+  <div className="flex h-full w-full flex-1 items-center justify-center self-center p-4">
+    <div className="relative flex flex-col flex-wrap gap-4">
+      {emoji && (
+        <div className="absolute right-0 top-0 ms-4 select-none font-serif text-7xl font-bold leading-5 text-primary/30 sm:text-8xl md:text-9xl">
+          {emoji}
+        </div>
+      )}
+      <div className="ms-4 font-serif text-[10rem] font-bold leading-[10rem] text-primary dark:text-primary">
+        {title}
+      </div>
+      <div className="w-full max-w-2xl">
+        <div className="text-lg font-semibold">
+          <Trans
+            id={subtitle}
+            data={<span className="italic opacity-50">{data}</span>}
+          />
+        </div>
+        <div className="text-sm">
+          <Trans id={description} />
+        </div>
+      </div>
+      <div className="flex flex-wrap gap-2">
+        <Link to="../">
+          <Button className="px-3" variant="outline">
+            <ChevronLeft size={16} />
+          </Button>
+        </Link>
+        <Button asChild>
+          <Link to="/" className="flex-1 gap-2 shadow-md">
+            <Home size={16} />
+            <Trans id="go.home" />
+          </Link>
+        </Button>
+        <Button asChild variant="secondary">
+          <Link to="/auth/logout" className="gap-2">
+            <LogOut size={16} />
+            <Trans id="logout" />
+          </Link>
+        </Button>
+        {otherButtons}
+      </div>
+    </div>
+  </div>
+);
+
+export default SimpleError;
diff --git a/frontend/src/components/stats-counter.tsx b/frontend/src/components/stats-counter.tsx
index 3bbfcfc..aefcd0b 100644
--- a/frontend/src/components/stats-counter.tsx
+++ b/frontend/src/components/stats-counter.tsx
@@ -1,8 +1,8 @@
-import { Link } from "@tanstack/react-router";
+import { LinkProps } from "@tanstack/react-router";
 import { LucideIcon } from "lucide-react";
 
 import { TransId, useTranslation } from "@/i18n";
-import { Trans } from "@/components";
+import { Trans, AuthLink } from "@/components";
 
 interface Props {
   Icon: LucideIcon;
@@ -10,7 +10,8 @@ interface Props {
   title: TransId;
   subCount: number;
   subTitle: TransId;
-  to: string;
+  to: LinkProps["to"];
+  roles?: string[];
 }
 
 const StatsCounter: React.FC<Props> = ({
@@ -20,12 +21,13 @@ const StatsCounter: React.FC<Props> = ({
   subCount,
   subTitle,
   to,
+  roles,
 }) => {
   const { t } = useTranslation();
 
   return (
-    <Link to={to} title={`${t("search.results")}...`}>
-      <div className="flex cursor-pointer items-center gap-4 rounded-xl border p-4 shadow-sm transition duration-100 ease-in-out hover:bg-muted">
+    <AuthLink to={to} title={`${t("search.results")}...`} roles={roles}>
+      <div className="flex items-center gap-4 rounded-xl border p-4 shadow-sm transition duration-100 ease-in-out hover:bg-muted">
         <div className="rounded-xl border bg-primary p-2">
           <Icon size={32} className="text-white dark:text-black" />
         </div>
@@ -44,7 +46,7 @@ const StatsCounter: React.FC<Props> = ({
           </div>
         </div>
       </div>
-    </Link>
+    </AuthLink>
   );
 };
 
diff --git a/frontend/src/i18n/en_CA.json b/frontend/src/i18n/en_CA.json
index bea033b..ecd8c23 100644
--- a/frontend/src/i18n/en_CA.json
+++ b/frontend/src/i18n/en_CA.json
@@ -133,6 +133,7 @@
   "global": "Global",
   "global.linked.providers.description": "since list is global, all providers are affected, below are providers that would still be affected if not global",
   "global.linked.sources.description": "since list is global, all sources are affected, below are sources that would still be affected if not global",
+  "go.home": "Go home",
   "has.no.provider": "Has no provider",
   "has.provider": "Has provider",
   "hide.all": "Hide all",
@@ -140,6 +141,7 @@
   "history.empty.description": "Select an old request on the side to view it's related data",
   "history.empty.title": "Learn more about past request",
   "history.search.empty.description": "Create a request to see it here",
+  "history.search.empty.description.viewer": "Refine your search or wait for requests to be made",
   "history.search.empty.extra": "Send a request",
   "history.search.empty.title": "No past request",
   "history.search.placeholder": "Search past requests",
@@ -203,6 +205,7 @@
   "linked.provider": "Linked provider",
   "linked.providers": "Linked providers",
   "linked.sources": "Linked sources",
+  "list.not.found": "Ignore list {data} not found",
   "log": "Log",
   "logged.out": "Logged out",
   "logged.out.description": "You have been logged out",
@@ -248,6 +251,8 @@
   "now": "Now",
   "number.of.requests": "Number of requests",
   "optional": "Optional",
+  "page.not.found": "Page {data} not found",
+  "page.not.found.description": "It appears you've ventured into uncharted territories. Please select a known destination from the navigation bar to continue your journey.",
   "password": "Password",
   "pick.a.date": "Pick a date",
   "provider": "Provider",
@@ -255,6 +260,7 @@
   "provider.delete.confirmation.description": "This action cannot be undone. This will permanently {name} as a provider, linked sources will simple not have a provider anymore.",
   "provider.deleted.description": "Provider {name} was deleted successfully and is no longer linked to any sources.",
   "provider.deleted.title": "Provider deleted",
+  "provider.not.found": "Provider {data} not found",
   "provider.saved": "Provider saved",
   "provider.user.id": "Provider user ID",
   "providers": "Providers",
@@ -274,6 +280,7 @@
   "request.error": "Request error",
   "request.loading.description": "We are fetching the data for you",
   "request.loading.title": "Requesting data",
+  "request.not.found": "Request {data} not found",
   "request.title": "Source data",
   "requester": "Requester",
   "requests": "Requests",
@@ -315,6 +322,7 @@
   "source.interval.limit": "Limit of request per interval",
   "source.interval.number.request": "Number of request during interval",
   "source.interval.reset": "Reset interval",
+  "source.not.found": "Source {data} not found",
   "source.number.request": "Total number of request",
   "source.saved": "Source saved",
   "sources": "Sources",
@@ -362,6 +370,7 @@
   "user.agent": "User agent",
   "user.created.description": "Before you can login, you need to be verified by an admin",
   "user.created.title": "Created user successfully!",
+  "user.not.found": "User {data} not found",
   "user.updated": "User updated",
   "users": "Users",
   "users.empty.description": "Select a user on the side",
diff --git a/frontend/src/i18n/fr_CA.json b/frontend/src/i18n/fr_CA.json
index 075d407..484efbd 100644
--- a/frontend/src/i18n/fr_CA.json
+++ b/frontend/src/i18n/fr_CA.json
@@ -133,6 +133,7 @@
   "global": "Global",
   "global.linked.providers.description": "puisque la liste est globale, tous les fournisseurs sont affectés, les fournisseurs ci-dessous sont ceux qui seraient encore affectés s'ils n'étaient pas globaux",
   "global.linked.sources.description": "puisque la liste est globale, tous les sources sont affectées, les sources ci-dessous sont celles qui seraient encore affectées si elles n'étaient pas globales",
+  "go.home": "Aller à l'accueil",
   "has.no.provider": "N'a pas de fournisseur",
   "has.provider": "A un fournisseur",
   "hide.all": "Cacher tout",
@@ -140,6 +141,7 @@
   "history.empty.description": "Sélectionner une ancienne demande sur le côté pour visualiser les données qui y sont liées",
   "history.empty.title": "Découvrez les demandes antérieures",
   "history.search.empty.description": "Effectuer une demande pour le voir ici",
+  "history.search.empty.description.viewer": "Ajustez votre recherche ou patientez pour que les demandes soient effectuées",
   "history.search.empty.extra": "Envoyer une demande",
   "history.search.empty.title": "Aucune demande historique",
   "history.search.placeholder": "Rechercher les demandes historiques",
@@ -203,6 +205,7 @@
   "linked.provider": "Fournisseur lié",
   "linked.providers": "Fournisseurs liés",
   "linked.sources": "Sources liées",
+  "list.not.found": "Liste ignorée {data} non trouvée",
   "log": "Jounal",
   "logged.out": "Déconnecté",
   "logged.out.description": "Vous avez été déconnecté de votre compte",
@@ -248,6 +251,8 @@
   "now": "Maintenant",
   "number.of.requests": "Nombre de requêtes",
   "optional": "Optionnel",
+  "page.not.found": "Page {data} non trouvée",
+  "page.not.found.description": "Il semble que vous vous soyez aventuré en territoire inconnu. Veuillez sélectionner une destination connue dans la barre de navigation pour poursuivre votre voyage.",
   "password": "Mot de passe",
   "pick.a.date": "Choisissez une date",
   "provider": "Fournisseur",
@@ -255,6 +260,7 @@
   "provider.delete.confirmation.description": "Cette action est irrévesible. Cela supprimera le fournisseur {name} de façon permanente, les sources liées n'auront simplement plus de fournisseur.",
   "provider.deleted.description": "Le fournisseur {nom} a été supprimé avec succès et n'est plus lié à aucune source.",
   "provider.deleted.title": "Fournisseur supprimé",
+  "provider.not.found": "Fournisseur {data} non trouvé",
   "provider.saved": "Fournisseur sauvegardé",
   "provider.user.id": "ID de l'utilisateur du fournisseur",
   "providers": "Fournisseurs",
@@ -274,6 +280,7 @@
   "request.error": "Erreur de requête",
   "request.loading.description": "Nous sommes tout de même sur le point de récupérer les données pour vous",
   "request.loading.title": "En cours d'acquisition de données",
+  "request.not.found": "Requête {data} non trouvée",
   "request.title": "Données des sources",
   "requester": "Demandeur",
   "requests": "Requêtes",
@@ -315,6 +322,7 @@
   "source.interval.limit": "Limite de requêtes par intervalle",
   "source.interval.number.request": "Nombre de requêtes au cours de l'intervalle",
   "source.interval.reset": "Intervalle de réinitialisation",
+  "source.not.found": "Source {data} non trouvée",
   "source.number.request": "Nombre total de requêtes",
   "source.saved": "Source sauvegardée",
   "sources": "Sources",
@@ -362,6 +370,7 @@
   "user.agent": "Agent utilisateur",
   "user.created.description": "Avant de pouvoir vous connecter, vous devez être vérifié par un administrateur",
   "user.created.title": "Utilisateur créé avec succès!",
+  "user.not.found": "Utilisateur {data} non trouvé",
   "user.updated": "Utilisateur mis à jour",
   "users": "Utilisateurs",
   "users.empty.description": "Sélectionner un utilisateur sur le côté",
diff --git a/frontend/src/lib/auth.ts b/frontend/src/lib/auth.ts
index 31a9c2f..b718056 100644
--- a/frontend/src/lib/auth.ts
+++ b/frontend/src/lib/auth.ts
@@ -1,15 +1,16 @@
 import { ParsedLocation, redirect } from "@tanstack/react-router";
+import { toast } from "sonner";
 
-import { userAtom } from "@/atoms/auth";
+import { User, userAtom } from "@/atoms/auth";
 import { store } from "@/atoms";
 
 export type BeforeLoadFn = (
   roles?: string[],
-) => (opts: { location: ParsedLocation }) => void;
+) => (opts: { location: ParsedLocation; cause?: string }) => void;
 
 export const beforeLoadAuthenticated: BeforeLoadFn =
   (roles) =>
-  ({ location }) => {
+  ({ location, cause }) => {
     const user = store.get(userAtom);
 
     if (!user) {
@@ -22,10 +23,23 @@ export const beforeLoadAuthenticated: BeforeLoadFn =
     }
 
     if (roles && roles.length > 0) {
-      const hasRoles = user.roles.every((role) => roles.includes(role));
+      const hasRoles = userHasRoles(user, roles);
 
       if (!hasRoles) {
-        throw redirect({ to: "/auth/login" });
+        if (cause !== "preload") {
+          const missingRoles = roles
+            .filter((role) => !user.roles.includes(role))
+            .join(", ");
+          toast.error(
+            `You don't have the required roles to access the page ${window.location.pathname}`,
+            {
+              id: "no-roles" + missingRoles,
+              description: "Missing roles: " + missingRoles,
+            },
+          );
+        }
+
+        throw redirect({ to: "/", replace: true });
       }
     }
   };
@@ -45,3 +59,9 @@ export const parseJwt = (token: string) => {
 
   return JSON.parse(jsonPayload);
 };
+
+export const userHasRoles = (user: User, roles?: string[]) =>
+  !roles || roles.every((role) => user.roles.includes(role));
+
+export const userHasAnyRoles = (user: User, roles?: string[]) =>
+  !roles || roles.some((role) => user.roles.includes(role));
diff --git a/frontend/src/navigation/index.tsx b/frontend/src/navigation/index.tsx
index 9bcfe46..82757fd 100644
--- a/frontend/src/navigation/index.tsx
+++ b/frontend/src/navigation/index.tsx
@@ -2,6 +2,7 @@ import { createRouter } from "@tanstack/react-router";
 
 import { routeTree } from "@/navigation/routeTree.gen";
 import { queryClient } from "@/lib/query";
+import { NotFound } from "@/components";
 
 export const router = createRouter({
   routeTree,
@@ -11,6 +12,7 @@ export const router = createRouter({
   },
   defaultPreload: "intent",
   defaultPreloadStaleTime: 0,
+  defaultNotFoundComponent: () => <NotFound />,
 });
 
 declare module "@tanstack/react-router" {
diff --git a/frontend/src/routes/history/$id.tsx b/frontend/src/routes/history/$id.tsx
index 6fb05a0..06b47fb 100644
--- a/frontend/src/routes/history/$id.tsx
+++ b/frontend/src/routes/history/$id.tsx
@@ -16,6 +16,7 @@ import {
   RequestDataView,
   Trans,
   FullBadge,
+  NotFound,
 } from "@/components";
 import { Button } from "@/components/ui/button";
 import config from "@/lib/config";
@@ -108,9 +109,15 @@ const HistoryComponent: React.FC = () => {
   );
 };
 
+const NotFoundHistory: React.FC = () => {
+  const { id } = Route.useParams();
+  return <NotFound title="request.not.found" data={id} />;
+};
+
 export const Route = createFileRoute("/history/$id")({
   component: HistoryComponent,
-  beforeLoad: beforeLoadAuthenticated(),
+  notFoundComponent: NotFoundHistory,
+  beforeLoad: beforeLoadAuthenticated(["request_view"]),
   loader: async ({ context: { queryClient }, params: { id } }) => {
     const [request] = await Promise.all([
       queryClient.ensureQueryData(requestQueryOptions(id)),
diff --git a/frontend/src/routes/history/index.tsx b/frontend/src/routes/history/index.tsx
index 7e6fa94..7d91e7b 100644
--- a/frontend/src/routes/history/index.tsx
+++ b/frontend/src/routes/history/index.tsx
@@ -1,8 +1,8 @@
-import { createFileRoute, Link } from "@tanstack/react-router";
+import { Link, createFileRoute } from "@tanstack/react-router";
 import { Clock, Send } from "lucide-react";
 
 import EmptyImage from "@/assets/network-two-color-c4988.svg";
-import { SectionPanelHeader, Empty, Trans } from "@/components";
+import { SectionPanelHeader, Empty, Trans, AuthVisible } from "@/components";
 import { Button } from "@/components/ui/button";
 import { beforeLoadAuthenticated } from "@/lib/auth";
 
@@ -22,12 +22,14 @@ const HistoryHomeComponent: React.FC = () => (
       description="history.empty.description"
       image={EmptyImage}
       extra={
-        <Link to="/request">
-          <Button className="gap-2" size="sm" variant="secondary">
-            <Send size={16} />
-            <Trans id="history.search.empty.extra" />
-          </Button>
-        </Link>
+        <AuthVisible roles={["request_create"]}>
+          <Link to="/request">
+            <Button className="gap-2" size="sm" variant="secondary">
+              <Send size={16} />
+              <Trans id="history.search.empty.extra" />
+            </Button>
+          </Link>
+        </AuthVisible>
       }
     />
   </>
@@ -35,5 +37,5 @@ const HistoryHomeComponent: React.FC = () => (
 
 export const Route = createFileRoute("/history/")({
   component: HistoryHomeComponent,
-  beforeLoad: beforeLoadAuthenticated(),
+  beforeLoad: beforeLoadAuthenticated(["request_view"]),
 });
diff --git a/frontend/src/routes/history/route.tsx b/frontend/src/routes/history/route.tsx
index 25add89..ccda892 100644
--- a/frontend/src/routes/history/route.tsx
+++ b/frontend/src/routes/history/route.tsx
@@ -1,16 +1,21 @@
 import { createFileRoute } from "@tanstack/react-router";
 import { useSuspenseQuery } from "@tanstack/react-query";
 import { Send } from "lucide-react";
+import { useAtomValue } from "jotai";
 
 import { requestsQueryOptions } from "@/api/requests";
 import { GenericPanelSearch, SearchResults } from "@/components";
-import { beforeLoadAuthenticated } from "@/lib/auth";
+import { beforeLoadAuthenticated, userHasRoles } from "@/lib/auth";
 import { useTranslation } from "@/i18n";
+import { userAtom } from "@/atoms/auth";
 
 const SourcesComponents: React.FC = () => {
+  const user = useAtomValue(userAtom);
   const requests = useSuspenseQuery(requestsQueryOptions);
   const { t } = useTranslation();
 
+  const userHasRequestCreateRole = userHasRoles(user!, ["request_create"]);
+
   return (
     <GenericPanelSearch
       data={requests.data}
@@ -19,13 +24,15 @@ const SourcesComponents: React.FC = () => {
         data.kind.toLowerCase().includes(searchValue.toLowerCase())
       }
       searchPlaceholder="history.search.placeholder"
-      createLinkTo="/request"
+      createLinkTo={userHasRequestCreateRole ? "/request" : undefined}
       createLinkToDataKey="data"
       CreateLinkIcon={Send}
       Item={SearchResults.History}
       empty={{
         title: "history.search.empty.title",
-        description: "history.search.empty.description",
+        description: userHasRequestCreateRole
+          ? "history.search.empty.description"
+          : "history.search.empty.description.viewer",
         extra: t("history.search.empty.extra"),
       }}
     />
@@ -34,7 +41,7 @@ const SourcesComponents: React.FC = () => {
 
 export const Route = createFileRoute("/history")({
   component: SourcesComponents,
-  beforeLoad: beforeLoadAuthenticated(),
+  beforeLoad: beforeLoadAuthenticated(["request_view"]),
   loader: ({ context: { queryClient } }) =>
     queryClient.ensureQueryData(requestsQueryOptions),
 });
diff --git a/frontend/src/routes/index.tsx b/frontend/src/routes/index.tsx
index c9ad64b..49acfa2 100644
--- a/frontend/src/routes/index.tsx
+++ b/frontend/src/routes/index.tsx
@@ -32,15 +32,17 @@ import {
   SearchResults,
   Forms,
   Trans,
+  AuthVisible,
 } from "@/components";
 import { beforeLoadAuthenticated } from "@/lib/auth";
 import { userAtom } from "@/atoms/auth";
 import { useTranslation } from "@/i18n";
+import { store } from "@/atoms";
+import React from "react";
 
 const IndexComponent: React.FC = () => {
   const sources = useSuspenseQuery(sourcesQueryOptions);
   const statsCount = useSuspenseQuery(statsCountQueryOptions);
-  const requests = useSuspenseQuery(requestsQueryOptions);
   const statsCountRequestsBySources = useSuspenseQuery(
     statsCountRequestsBySourcesQueryOptions,
   );
@@ -74,23 +76,15 @@ const IndexComponent: React.FC = () => {
       <div className="mx-4">
         <Separator />
       </div>
-      <h4 className="z-20 mx-4 -mb-4 flex items-center gap-2 font-medium">
-        <Send size={16} /> <Trans id="home.perform.request.title" />
-      </h4>
-      <Forms.RequestForm.default sources={sources.data} />
-      <div>
-        <h4 className="z-20 mx-4 flex items-center gap-2 font-medium">
-          <History size={16} /> <Trans id="home.latest.request.title" />
+      <AuthVisible roles={["request_create"]}>
+        <h4 className="z-20 mx-4 -mb-4 flex items-center gap-2 font-medium">
+          <Send size={16} /> <Trans id="home.perform.request.title" />
         </h4>
-        <div className="grid grid-cols-1 gap-4 p-4 lg:grid-cols-2 2xl:grid-cols-4">
-          {requests.data.slice(0, 4).map((request) => (
-            <SearchResults.History key={request.id} data={request} />
-          ))}
-        </div>
-      </div>
-      <div className="mx-4">
-        <Separator />
-      </div>
+        <Forms.RequestForm.default sources={sources.data} />
+      </AuthVisible>
+      <AuthVisible roles={["request_view"]}>
+        <HistoryComponent />
+      </AuthVisible>
       <div>
         <h4 className="z-20 mx-4 flex items-center gap-2 font-medium">
           <Server size={16} /> <Trans id="home.runners.title" />
@@ -125,6 +119,7 @@ const IndexComponent: React.FC = () => {
             subCount={statsCount.data.historyLast24hrs}
             subTitle="home.stats.requests.subtitle"
             to="/history"
+            roles={["request_view"]}
           />
           <StatsCounter
             Icon={Database}
@@ -201,17 +196,54 @@ const IndexComponent: React.FC = () => {
   );
 };
 
+const HistoryComponent: React.FC = () => {
+  const requests = useSuspenseQuery(requestsQueryOptions);
+
+  return (
+    <>
+      <div>
+        <h4 className="z-20 mx-4 flex items-center gap-2 font-medium">
+          <History size={16} /> <Trans id="home.latest.request.title" />
+        </h4>
+        {requests.data.length > 0 && (
+          <div className="grid grid-cols-1 gap-4 p-4 lg:grid-cols-2 2xl:grid-cols-4">
+            {requests.data.slice(0, 4).map((request) => (
+              <SearchResults.History key={request.id} data={request} />
+            ))}
+          </div>
+        )}
+        {requests.data.length === 0 && (
+          <p className="p-4 pb-2 text-sm italic opacity-75">
+            <Trans id="no.requests" />
+          </p>
+        )}
+      </div>
+      <div className="mx-4">
+        <Separator />
+      </div>
+    </>
+  );
+};
+
 export const Route = createFileRoute("/")({
   component: IndexComponent,
   beforeLoad: beforeLoadAuthenticated(),
-  loader: async ({ context: { queryClient } }) =>
-    await Promise.all([
+  loader: async ({ context: { queryClient } }) => {
+    const user = store.get(userAtom);
+
+    const promises: Promise<unknown>[] = [
       queryClient.ensureQueryData(sourcesQueryOptions),
       queryClient.ensureQueryData(statsCountQueryOptions),
-      queryClient.ensureQueryData(requestsQueryOptions),
       queryClient.ensureQueryData(statsCountRequestsBySourcesQueryOptions),
       queryClient.ensureQueryData(statsCountRequestsByProvidersQueryOptions),
       queryClient.ensureQueryData(statsCountRequestsByHourQueryOptions),
       queryClient.ensureQueryData(statsCountRequestsByKindsQueryOptions),
-    ]),
+    ];
+
+    if (user?.roles.includes("request_view")) {
+      promises.push(queryClient.ensureQueryData(requestsQueryOptions));
+    }
+
+    await Promise.all(promises);
+  },
 });
diff --git a/frontend/src/routes/lists/$slug.tsx b/frontend/src/routes/lists/$slug.tsx
index 999c427..1c65931 100644
--- a/frontend/src/routes/lists/$slug.tsx
+++ b/frontend/src/routes/lists/$slug.tsx
@@ -17,7 +17,7 @@ import {
   UseSuspenseQueryResult,
   useSuspenseQuery,
 } from "@tanstack/react-query";
-import { useMemo } from "react";
+import React, { useMemo } from "react";
 
 import {
   ignoreListEntriesQueryOptions,
@@ -33,6 +33,7 @@ import {
   TitleEntryCount,
   FullBadge,
   Trans,
+  NotFound,
 } from "@/components";
 import { cn } from "@/lib/utils";
 import { Button } from "@/components/ui/button";
@@ -43,7 +44,7 @@ import { useTranslation } from "@/i18n";
 import { userQueryOptions } from "@/api/users";
 import { User } from "@/types/backendTypes";
 
-const ListComponent = () => {
+const ListComponent: React.FC = () => {
   const { slug } = Route.useParams();
   const { t } = useTranslation();
 
@@ -237,8 +238,14 @@ const ListComponent = () => {
   );
 };
 
+const NotFoundIgnoreList: React.FC = () => {
+  const { slug } = Route.useParams();
+  return <NotFound title="list.not.found" data={slug} />;
+};
+
 export const Route = createFileRoute("/lists/$slug")({
   component: ListComponent,
+  notFoundComponent: NotFoundIgnoreList,
   beforeLoad: beforeLoadAuthenticated(),
   loader: async ({ context: { queryClient }, params: { slug } }) => {
     const id = await queryClient.ensureQueryData(
diff --git a/frontend/src/routes/providers/$slug.tsx b/frontend/src/routes/providers/$slug.tsx
index 17d7ce7..ca2f00c 100644
--- a/frontend/src/routes/providers/$slug.tsx
+++ b/frontend/src/routes/providers/$slug.tsx
@@ -35,6 +35,7 @@ import {
   FullBadge,
   TitleEntryCount,
   Trans,
+  NotFound,
 } from "@/components";
 import { cn } from "@/lib/utils";
 import { Provider, User } from "@/types/backendTypes";
@@ -231,8 +232,14 @@ const ProviderComponent: React.FC = () => {
   );
 };
 
+const NotFoundProvider: React.FC = () => {
+  const { slug } = Route.useParams();
+  return <NotFound title="provider.not.found" data={slug} />;
+};
+
 export const Route = createFileRoute("/providers/$slug")({
   component: ProviderComponent,
+  notFoundComponent: NotFoundProvider,
   beforeLoad: beforeLoadAuthenticated(),
   loader: async ({ context: { queryClient }, params: { slug } }) => {
     const id = await queryClient.ensureQueryData(
diff --git a/frontend/src/routes/request.tsx b/frontend/src/routes/request.tsx
index bd5e6af..570dbe1 100644
--- a/frontend/src/routes/request.tsx
+++ b/frontend/src/routes/request.tsx
@@ -109,7 +109,7 @@ type IndicatorRequest = {
 
 export const Route = createFileRoute("/request")({
   component: RequestComponent,
-  beforeLoad: beforeLoadAuthenticated(),
+  beforeLoad: beforeLoadAuthenticated(["request_create"]),
   validateSearch: (search: IndicatorRequest): IndicatorRequest => search,
   loader: async ({ context: { queryClient } }) =>
     queryClient.ensureQueryData(sourcesQueryOptions),
diff --git a/frontend/src/routes/sources/$slug.tsx b/frontend/src/routes/sources/$slug.tsx
index 5e86899..d04b6ba 100644
--- a/frontend/src/routes/sources/$slug.tsx
+++ b/frontend/src/routes/sources/$slug.tsx
@@ -57,6 +57,7 @@ import {
   SearchResults,
   TitleEntryCount,
   Trans,
+  NotFound,
 } from "@/components";
 import { cleanConfigValue } from "@/api/config";
 import { beforeLoadAuthenticated } from "@/lib/auth";
@@ -491,8 +492,14 @@ const SecretBadge: React.FC<SourceSecret> = ({ id, name, secretId }) => {
   );
 };
 
+const NotFoundSource: React.FC = () => {
+  const { slug } = Route.useParams();
+  return <NotFound title="list.not.found" data={slug} />;
+};
+
 export const Route = createFileRoute("/sources/$slug")({
   component: SourceComponent,
+  notFoundComponent: NotFoundSource,
   beforeLoad: beforeLoadAuthenticated(),
   loader: async ({ context: { queryClient }, params: { slug } }) => {
     const id = await queryClient.ensureQueryData(sourceSlugQueryOptions(slug));
diff --git a/frontend/src/routes/users/$id.tsx b/frontend/src/routes/users/$id.tsx
index 595d54f..d7321c7 100644
--- a/frontend/src/routes/users/$id.tsx
+++ b/frontend/src/routes/users/$id.tsx
@@ -22,6 +22,7 @@ import { useMemo } from "react";
 
 import {
   FullBadge,
+  NotFound,
   SearchResults,
   SectionPanelHeader,
   TitleEntryCount,
@@ -250,8 +251,14 @@ const UserComponent: React.FC = () => {
   );
 };
 
+const NotFoundSource: React.FC = () => {
+  const { id } = Route.useParams();
+  return <NotFound title="user.not.found" data={id} />;
+};
+
 export const Route = createFileRoute("/users/$id")({
   component: UserComponent,
+  notFoundComponent: NotFoundSource,
   beforeLoad: beforeLoadAuthenticated(),
   loader: async ({ context: { queryClient }, params: { id } }) => {
     await Promise.all([
diff --git a/frontend/src/types/backendTypes.ts b/frontend/src/types/backendTypes.ts
index 5e73419..cd2bad1 100644
--- a/frontend/src/types/backendTypes.ts
+++ b/frontend/src/types/backendTypes.ts
@@ -594,6 +594,10 @@ export interface Count {
   ignoreLists: number;
   /** Number of enabled indicators */
   enabledIgnoreLists: number;
+  /** Number of users */
+  users: number;
+  /** Number of enabled users */
+  enabledUsers: number;
 }
 
 /** A stats helper container for getting a count based on an ID or name of an object */
diff --git a/makefile b/makefile
index 950ebde..e647ba0 100644
--- a/makefile
+++ b/makefile
@@ -1,5 +1,5 @@
 install-deps-backend:
-	cd backend && cargo install
+	cd backend/server && cargo install --path .
 
 install-deps-frontend:
 	cd frontend && pnpm install
@@ -59,7 +59,7 @@ db-create-migration:
 	cd backend/database && cargo sqlx migrate add $1
 
 db-reset:
-	cd backend && make reset-db
+	cd backend && make db-reset
 
 i18n:
 	cd frontend && pnpm i18n:sort && pnpm i18n:cleanup && pnpm i18n:unused