V16: Adds a state for "forbidden" for entities that return 403 (Access denied)

[iOvergaard]

This pull request introduces enhancements to error handling and user feedback mechanisms in the Umbraco.Web.UI.Client project. Specifically, it improves localization support for error messages across multiple languages, refines the handling of forbidden and not-found states, and adds new UI components to display these states.

Fixes #18533

Below is a breakdown of the most important changes:

Screenshots

📄 Document not found

👤 User group not found (base entity)

How to test

Verify forbidden:

1. Create a user in a group that does not have access to certain nodes
2. Log in to that user and click on the nodes
3. You should see a "forbidden" message

Verify not found:

1. Go to any document or entity
2. Change the GUID in the URL
3. You should see a "not found" message

Mock server

1. The mock server (npm run dev:mock) has "Forbidden" entries for most entities, so test those out - member (groups), user (groups), dictionary, media, etc.)
2. Example for users: https://victorious-ground-017b08103-19557.westeurope.6.azurestaticapps.net/section/user-management/workspace/user/edit/forbidden

Changes

Localization Enhancements

• Added localized strings for forbidden and not-found error messages in Danish (src/assets/lang/da.ts) [1] [2] German (src/assets/lang/de.ts) [3] [4] and English (src/assets/lang/en.ts) [5] [6].

Error Handling Improvements

• Updated UmbTryExecuteController to handle additional HTTP error statuses (400, 401, 403, 404) gracefully without displaying notifications, allowing the UI to manage these errors. (src/packages/core/resources/try-execute/try-execute.controller.ts).

UI Components for Error States

• Introduced a new umb-route-forbidden component to display a "Forbidden" message for restricted routes. (src/packages/core/router/route/forbidden/route-forbidden.element.ts).
• Added umb-entity-detail-forbidden component to show a "Forbidden" message for restricted entity details. (src/packages/core/workspace/entity-detail/global-components/entity-detail-forbidden.element.ts).

Workspace Context Updates

• Enhanced UmbEntityDetailWorkspaceContextBase to manage forbidden states using a new forbidden state manager. (src/packages/core/workspace/entity-detail/entity-detail-workspace-base.ts) [1] [2] [3] [4].
• Updated workspace editor components (entity-detail-workspace-editor.element.ts and document-workspace-editor.element.ts) to render forbidden states and adjust routing accordingly. (src/packages/core/workspace/entity-detail/global-components/entity-detail-workspace-editor.element.ts) [1] [2] and (src/packages/documents/documents/workspace/document-workspace-editor.element.ts) [3] [4] [5].

Routing Adjustments

• Exported the new umb-route-forbidden component in the router index file to integrate with routing logic. (src/packages/core/router/route/index.ts).

[iOvergaard]

Note: One interesting finding is that base entities (those using the base view, such as users, groups, data-types, etc.) handle "not found" - and now also "forbidden" - as Lit states (@state()), whereas documents handle it as routes. There are certain advantages to both; handling it through the router allows us to lazyload those elements from the 'router' package, however, handling it as states is a little easier since we are using Lit anyway. The router is not the most stable way if, say, we forget to remove the forbidden route again.

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://victorious-ground-017b08103-19557.westeurope.6.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://victorious-ground-017b08103-19557.westeurope.6.azurestaticapps.net

[github-actions]

Azure Static Web Apps: Your stage site is ready! Visit it here: https://victorious-ground-017b08103-19557.westeurope.6.azurestaticapps.net