Denied access to [view: MainViewTopMenu] for user [anonymous]

Support
#1

We recently migrated our project from JMix 1.4.2 to 2.4.2 and have completed the migration process.
However, we are encountering the following error every time: Denied access to [view: MainViewTopMenu] for user [anonymous] by io.jmix.securityflowui.constraint.UiShowViewConstraint

Context:

  • Our project requires having menus at the top of the application.
  • We have used MainViewTopMenu for this purpose.
  • To allow access, I updated the UiMinimalRole as follows:
@ResourceRole(name = "UI: minimal access", code = UiMinimalRole.CODE, scope = SecurityScope.UI)
public interface UiMinimalRole extends UiMinimalPolicies {

    String CODE = "ui-minimal";

    @ViewPolicy(viewIds = "MainViewTopMenu")
    void main();

    @ViewPolicy(viewIds = "LoginView")
    @SpecificPolicy(resources = "ui.loginToUi")
    void login();

    @EntityPolicy(entityClass = KeyValueEntity.class, actions = EntityPolicyAction.READ)
    @EntityAttributePolicy(entityClass = KeyValueEntity.class, attributes = "*", action = EntityAttributePolicyAction.VIEW)
    void keyValueEntity();
}
#3

Hello!

Could you clarify do you try to configure anonymous access to MainViewTopMenu? This log message is not error, it has “debug” level to inform about security access. You can configure the level in application.properties:

# 'debug' level logs access control constraints
logging.level.io.jmix.core.AccessLogger = debug
#4

I didn’t try configuring anonymous access to MainViewTopMenu. However, when I do, I don’t see the menu items in the top menu bar.

Without configuring anonymous access, my application works fine locally. But when I push the same code to the dev environment, which runs in a Docker image on ECS, the menu items don’t appear, and I see ‘Denied Access’ only in the logs.

#5

The UiMinimalAccess role does not grant access to menu items, screens, etc. Access should be provided through custom roles created within the application. Does the logged-in user have any other roles assigned? Also, is the admin user unable to see the menu items? You can verify that the user in the dev environment has the necessary roles to access the menu items.