Avoid setting Registered Roles to access Screens - Invalid Permission / InternalError

Hi all,

Being a huge fan of the AI Mentor, I look at it as a daily tool to support code review.

While reviewing an End-User Reactive app, I came across this finding, which I don't know how to solve:

The purpose of screens of this type (Invalid Permissions / Internal Error) is to redirect the user in case of failures or missing permissions. So, I cannot put a role on a screen that is used for a user to be redirected in case of not having a role.

How should I fix this finding?


Best regards,

Tiago Rodrigues

2025-11-24 16-53-49
Tiago Rodrigues
 
MVP
Solution

Hi @Daniël Kuhlmann!

Thanks for the suggestion.

In this case, AI Mentor was right :D (one digital cookie for the team). He was indeed alerting that I should avoid having a registered role instead of user roles. And we noticed that we were putting the screens with "Registered", when in fact, we should have them anonymous for sure, to allow a user with an expired session to go to that screen and then be redirected to the Login.

I've changed the screens to anonymous and the finding was solved.

Sorry for misleading. Have a nice day!

Best regards,

Tiago

2024-07-05 14-16-55
Daniël Kuhlmann
 
MVP

Hi,

AI Mentor Studio is just not smart enough to understand the purpose of your screen. For all it knows, you could have named the screen in your local language (please don't).

In this case, and for login and logout screens, you should report this as a false positive, as these screens have on purpose only the anonymous role selected. You should not fix this.

Regards,

Daniel
