Skip to content

fix(ui): replace admin fallback with sign-in CTA on error pages#184

Merged
AAdewunmi merged 1 commit into
mainfrom
feat/ship-shared-forbidden-page
Apr 16, 2026
Merged

fix(ui): replace admin fallback with sign-in CTA on error pages#184
AAdewunmi merged 1 commit into
mainfrom
feat/ship-shared-forbidden-page

Conversation

@AAdewunmi

@AAdewunmi AAdewunmi commented Apr 16, 2026

Copy link
Copy Markdown
Owner

Summary
Replaces the admin-oriented fallback action on shared error pages with a public sign-in CTA so recovery paths stay role-safe and aligned with the broader ReturnHub product experience.

Changes

  • updated templates/errors/403.html to replace Open Django admin with Go to sign in
  • updated templates/errors/404.html to replace Open Django admin with Go to sign in
  • updated templates/errors/500.html to replace Open Django admin with Go to sign in
  • preserved the existing Return to landing page primary action on all shared error templates
  • kept the branded error layout, tone, and shared rh-* UI structure intact

Why
The previous fallback action was technically valid, but it exposed an admin-oriented recovery path on shared public error pages used by customers, merchants, ops users, and anonymous visitors. Replacing it with a sign-in CTA keeps the recovery path broadly useful, better matches ReturnHub’s role-entry model, and avoids surfacing Django admin as the default fallback for non-admin audiences.

Validation

  • verified templates/errors/403.html, 404.html, and 500.html now point to accounts:login_merchant for the secondary CTA
  • confirmed the primary landing-page recovery action remains unchanged
  • confirmed the shared error handlers remain wired through ui.error_views and config/urls.py

Result

  • shared error pages now present a role-safe recovery action
  • the error experience remains branded and consistent with the rest of ReturnHub
  • users are directed toward sign-in rather than an admin-only fallback path

Notes

  • this change is UX-oriented rather than infrastructural; the previous admin link was wired correctly
  • authenticated users still have clear access to allowed surfaces through the shared role-aware app navigation
  • if desired later, the sign-in CTA could be made even more context-aware by routing to a surface chooser rather than a single sign-in entry

@AAdewunmi AAdewunmi self-assigned this Apr 16, 2026
@AAdewunmi AAdewunmi added the sprint-6-frontend-security Ship shared forbidden page label Apr 16, 2026
@AAdewunmi AAdewunmi linked an issue Apr 16, 2026 that may be closed by this pull request
Ship shared forbidden page #180
Closed
@codecov

codecov Bot commented Apr 16, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@AAdewunmi AAdewunmi merged commit 9521a09 into main Apr 16, 2026
2 checks passed
@AAdewunmi AAdewunmi deleted the feat/ship-shared-forbidden-page branch April 16, 2026 13:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@AAdewunmi AAdewunmi

Labels

sprint-6-frontend-security Ship shared forbidden page

Projects

No open projects
ReturnHub Platform Development Board
Status: Done

Milestone

Sprint 6 - Multi-surface product shell

Development

Successfully merging this pull request may close these issues.

Ship shared forbidden page

1 participant

@AAdewunmi