Preloader and Security

Hello!
On this site, a user will first log in. After logging in user is delivered to _mainhome page.

There is a preloader on that page.

It also loads different server side pieces of information, based on users’ assigned permissions.

My problem is that if the user doesn’t have permission for something (like in the image below) the preloader just keeps spinning and spinning, because that one server action page returned a 302.

It should return a 302 because the server action page had a permission required that the user didn’t have.

I really need all these different server actions to load on the _mainpage and not on separate pages, so I cannot just load that server action on another page (though it would be an easy solution).

So, am I thinking of this wrong? Is there a better way to limit what gets sent to the user’s page - when it all needs to be on the main page?
Or can I stop that preloader from spinning even though there was a permission problem?

image955×424 13.4 KB

Déjà vu?

Wow, I searched for that and could not find it. Thanks!

Current problem is that the 403 is still causing the preloader to spin.

I think you will have to handle that on the client side. Using the forbidden (403) dynamic event, you can stop the preloader, or navigate to another page using browser goto.

Oh, perfect.
/smh it didn’t even occur to me to “stop preloader” on the “Forbidden” event.
Thanks.

Use a counter (integer) variable to count the number of pending SC calls.

When the SC starts, increment, when the SC ends (success or Forbidden) decrement. Show the preloader if count != 0 (disclaimer: I’ve used a preloader before)

I think I probably wrote this in a topic before, but I can’t find it

@Apple possibly this topic: Single 'state.executing' Statement for ANY Server Connect?