UX: improve error message when no trust level to login from DiscourseHub

DiscourseHub requires generating API keys to login, which is affected by
the min_trust_level_for_user_api_key site setting.

If it is increased over the default of 0, then new users with 0 trust
level will not be able to login with the app, and in that case we would
be showing them a technical error message involving API keys, which
might be bad UX for newcomers to Discourse.

This commit differentiates exactly that case, and serves a less
technical error message.

app/controllers/user_api_keys_controller.rb

@@ -33,6 +33,7 @@ class UserApiKeysController < ApplicationController
 
     unless meets_tl?
       @no_trust_level = true
+      @is_discourse_hub_app = true if is_discourse_hub_app?
       return
     end
 
@@ -197,6 +198,10 @@ class UserApiKeysController < ApplicationController
     current_user.staff? || current_user.trust_level >= SiteSetting.min_trust_level_for_user_api_key
   end
 
+  def is_discourse_hub_app?
+    params[:discourse_app] == '1'
+  end
+
   def one_time_password(public_key, username)
     raise Discourse::InvalidAccess unless UserApiKey.allowed_scopes.superset?(Set.new(["one_time_password"]))
 

app/views/user_api_keys/new.html.erb

@@ -1,6 +1,10 @@
 <h1><%= t "user_api_key.title" %></h1>
 <div class='authorize-api-key'>
-<% if @no_trust_level %>
+<% if @no_trust_level && @is_discourse_hub_app %>
+  <h3>
+  <%= t("user_api_key.no_trust_level_discourse_hub") %>
+  </h3>
+<% elsif @no_trust_level && ! @is_discourse_hub_app %>
   <h3>
   <%= t("user_api_key.no_trust_level") %>
   </h3>

config/locales/server.en.yml

@@ -1078,6 +1078,7 @@ en:
       logging_in_as: Logging in as %{username}
       confirm_button: Finish Login
     no_trust_level: "Sorry, you do not have the required trust level to access the user API"
+    no_trust_level_discourse_hub: "Sorry, you do not have the required user trust level to log in with DiscourseHub. Please contact site administrators and mention this error."
     generic_error: "Sorry, we are unable to issue user API keys, this feature may be disabled by the site admin"
     scopes:
       message_bus: "Live updates"
@@ -2269,7 +2270,7 @@ en:
 
     allow_user_api_keys: "Allow generation of user API keys"
     allow_user_api_key_scopes: "List of scopes allowed for user API keys"
-    min_trust_level_for_user_api_key: "Trust level required for generation of user API keys"
+    min_trust_level_for_user_api_key: "Trust level required for generation of user API keys. Note that login with DiscourseHub, our mobile app, requires generating user API keys."
     allowed_user_api_auth_redirects: "Allowed URL for authentication redirect for user API keys. Wildcard symbol * can be used to match any part of it (e.g. www.example.com/*)."
     allowed_user_api_push_urls: "Allowed URLs for server push to user API"
     expire_user_api_keys_days: "Number of days before a user API key automatically expires (0 for never)"