I have been trying to configure an Experience Builder Developer Edition app to have both an internal and external view, using the new page visibility restriction settings available since ExB V1.19. Unfortunately, I've experienced what seems like a bug related to page visibility restrictions, and I will also share my hacky solution.
First, my app configuration:
App has 4 pages, one with no restrictions, and 3 private, with the same group restriction (1 group). These pages are navigable via a menu widget in the header. There is a login widget in the header as well, allowing users to login to the app. The login widget uses the "popup window" page display appearance, and the security settings i the privacy and security section are set to "Skip sign-in prompt for secured resources", and "skip credential banner".
Testing/Reproducability steps (ExB v1.20):
With no extra adjustments, this app is downloaded, and placed on a web server, then an unauthenticated user navigates to the homepage. The homepage loads properly, and the menu widget filters out the restricted pages (Expected behavior so far). The user then logs into the app via the login widget, but after logging in, the other pages do not pop into the menu widget. In addition, navigating directly to the page via url parameters ends in a 404 error, so not only are the pages not showing up in the menu widget, they're appearing as completely inaccessible.
The Fix:
I noticed in the console log within devtools that there is an error message that comes up whenever the app is loaded, saying "No portal info". I did some digging, and it looks like the big issue comes from the appInfo.portalUrl object being null at runtime for some reason. According to the devtools error, this seems to be related to the file at client/dist/jimu-core/index.js. To try and resolve the null portalUrl object failing to resolve at runtime, I performed the following "Find and replaces" on the client/dist/jimu-core/index.js file:
- r.appInfo.portalUrl -> r.appInfo?.portalUrl
- r.appInfo.owner -> r.appInfo?.owner
After completing these two find and replaces, changing nothing else about the applications configuration (like widgets, settings, etc), and then downloading the application and replacing it on the web server, the issue is fixed, and the page visibility restrictions act as normal (Not showing the pages when not logged in, or logged in using a user without access to the groups, but showing the pages when logged in with a user with the proper access).
In conclusion, this seems like a bug, but I'm not sure if it's the correct solution for the problem, especially since it would be a real pain to set up CI/CD to implement this patch. I would appreciate any advice from Esri support on this issue.
