Access error should return a page template and not a json

[StCyr]

When a user who is not in GeneralManager group, he has a json page and not a web page from Nextcloud.

To test that :

1. First, you connect to our dev platform ;
2. Second, in the users settings, remove me to GeneralManager group ;
3. Third, use impersonate to impersonate me ;
4. Then, click on the Workspace button and look at the result ;

I think the Middleware should return a page template.

Doc : https://docs.nextcloud.com/server/21/developer_manual/basics/middlewares.html.

Originally posted by @zak39 in #22 (comment)

[StCyr]

@zak39 I've created an issue for that.

I don't think it's a very urgent issue as this error shouldn't happen: the frontent should not ask the backend to perform operations that the user is not allowed to do. So, the only cases where this error would show up are either a bug in the frontend or a call originating from somewhere else than the frontend.

[zak39]

Thanks @StCyr :)

We must find a solution to hide the workspace button in the header and show authorized users only.

But we should create an error page 403 Forbidden (https://developer.mozilla.org/fr/docs/Web/HTTP/Status/403) which forbidden users access to resource.

I agree that this issue is not urgent.

[StCyr]

We must find a solution to hide the workspace button in the header and show authorized users only.

We can use the 'limit to groups" app functionnality: