Waiting for feedback

#2758 Bundle Size — 10.98MiB (~+0.01%).

6ba1d65(current) vs 95844d2 main#2743(baseline)

Bundle metrics   1 change

	Current #2758	Baseline #2743
Initial JS	1.9MiB	1.9MiB
Initial CSS	577.21KiB	577.21KiB
Cache Invalidation	17.39%	17.51%
Chunks	227	227
Assets	250	250
Modules	2952	2952
Duplicate Modules	154	154
Duplicate Code	1.8%	1.8%
Packages	98	98
Duplicate Packages	2	2

Bundle size by type   7 changes 7 regressions

	Current #2758	Baseline #2743
JS	9.19MiB (+100%)	undefined
CSS	867.33KiB (+100%)	undefined
Fonts	526.1KiB (+100%)	undefined
Media	295.6KiB (+100%)	undefined
IMG	140.74KiB (+100%)	undefined
HTML	1.38KiB (+100%)	undefined
Other	871B (+100%)	undefined

Bundle analysis report Branch jimtng:map-default-location-zoom Project dashboard

^{Generated by RelativeCI Documentation Report issue}

this is now ready

Just to make you aware, because the location picker is potentially user-facing and /rest/services is only for admins, you can have 403 errors when you do call that from this widget.

because the location picker is potentially user-facing and /rest/services is only for admins, you can have 403 errors when you do call that from this widget.

Thanks, I wasn't aware of that! I'm struggling to find where/how to create a user-facing page that would invoke the location picker. As far as I can see, the location picker (popup) is only called by parameter-location, which in turn is used by config-parameter, all of these are (currently) admin-only stuff.

In the event that it ever gets used in user-facing, wouldn't the 403 error be hidden in the javascript console, and not visible to user? In which case, they'd simply get a worldwide view, instead of the current mostly-Europe-only view.

A possible fallback from this is to query the location from the browser, but it would trigger a permission prompt. Perhaps we can add that later when the need arises.

In the event that it ever gets used in user-facing, wouldn't the 403 error be hidden in the javascript console, and not visible to user? In which case, they'd simply get a worldwide view, instead of the current mostly-Europe-only view.

Yes I suppose, but in general it shouldn't be "let's try something and fall back if it fails?"

I can add an isAdmin check before calling the REST, but this creates a "hard coded logic", assuming that this rest call is always going to be admin-only. Whilst the risk is small, if one day this particular endpoint is opened up to non-admin (e.g. for read-only access), then we'd have multiple places to update.

Your call - I can add an isAdmin here check if you prefer.

Alternatively I can just catch the exception and fail silently, or log a message telling them that beause they're not admin, the system location cannot be retrieved.