tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-09-28 20:29:15 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1756 from halkyon/permission_denied_hook

Browse Source 
BUG Security::permissionFailure() fixing permissionDenied hook inconsistency
This commit is contained in:
Sean Harvey 2013-05-13 02:15:58 -07:00
commit 15f7c884f8
1 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
security/Security.php
View File

@ -222,17 +222,20 @@ class Security extends Controller {
$messageSet = array('default' => $messageSet);
}
$member = Member::currentUser();
// Work out the right message to show
if(Member::currentUser()) {
if($member && $member->exists()) {
$response = ($controller) ? $controller->getResponse() : new SS_HTTPResponse();
$response->setStatusCode(403);
//If 'alreadyLoggedIn' is not specified in the array, then use the default
//which should have been specified in the lines above
if(isset($messageSet['alreadyLoggedIn']))
$message=$messageSet['alreadyLoggedIn'];
else
$message=$messageSet['default'];
if(isset($messageSet['alreadyLoggedIn'])) {
$message = $messageSet['alreadyLoggedIn'];
} else {
$message = $messageSet['default'];
}
// Somewhat hackish way to render a login form with an error message.
$me = new Security();
@ -240,8 +243,11 @@ class Security extends Controller {
$form->sessionMessage($message, 'warning');
Session::set('MemberLoginForm.force_message',1);
$formText = $me->login();
$response->setBody($formText);
$controller->extend('permissionDenied', $member);
return $response;
} else {
$message = $messageSet['default'];