403 error on canvas editor page for "content_editor" role with "Administer code components" and "Administer content templates" permissions

Created on 11 September 2025, 23 days ago

Updated 12 September 2025, 22 days ago

Overview

A user role content_editor is assigned the permissions Administer code components and Administer content templates. However, when a user with this role attempts to visit the canvas editing page a 403 Forbidden error is encountered, preventing access to the editor.

The backend (BE) permissions appear correctly set, but the frontend (FE) does not allow the user to load the editor.

Steps to Reproduce

Create a user role named content_editor.
Assign the following permissions to the role:
- Administer code components
- Administer content templates
Log in with a user assigned the content_editor role.
Visit /canvas/editor/canvas_page/[PAGE_ID], such as /canvas/editor/canvas_page/1.
Observe that a 403 Forbidden error is displayed instead of the editor.

Expected Result:

A user with the appropriate backend permissions should be able to load the canvas editor page (even if certain JS/frontend features are not available).

Proposed resolution

User interface changes

🐛 Bug report

Status

Postponed: needs info

Version

1.0

Component

… to be triaged

Created by

mayur-sose

Live updates comments and jobs are added and updated live.

Incomplete comments

Merge Requests

!149403 error on canvas editor page for "content_editor" role with "Administer code components" and "Administer content templates" permissions
Open
🇬🇧United Kingdom jessebaker
updated about 19 hours ago

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Merge request !149Draft: #3546119 UX flow improvements, ensuring side menu is accessible when on root route. → (Open) created by jessebaker

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024