Merge pull request #1756 from halkyon/permission_denied_hook

BUG Security::permissionFailure() fixing permissionDenied hook inconsistency
This commit is contained in:
Sean Harvey 2013-05-13 02:15:58 -07:00
commit 15f7c884f8

View File

@ -222,17 +222,20 @@ class Security extends Controller {
$messageSet = array('default' => $messageSet);
}
$member = Member::currentUser();
// Work out the right message to show
if(Member::currentUser()) {
if($member && $member->exists()) {
$response = ($controller) ? $controller->getResponse() : new SS_HTTPResponse();
$response->setStatusCode(403);
//If 'alreadyLoggedIn' is not specified in the array, then use the default
//which should have been specified in the lines above
if(isset($messageSet['alreadyLoggedIn']))
$message=$messageSet['alreadyLoggedIn'];
else
$message=$messageSet['default'];
if(isset($messageSet['alreadyLoggedIn'])) {
$message = $messageSet['alreadyLoggedIn'];
} else {
$message = $messageSet['default'];
}
// Somewhat hackish way to render a login form with an error message.
$me = new Security();
@ -240,8 +243,11 @@ class Security extends Controller {
$form->sessionMessage($message, 'warning');
Session::set('MemberLoginForm.force_message',1);
$formText = $me->login();
$response->setBody($formText);
$controller->extend('permissionDenied', $member);
return $response;
} else {
$message = $messageSet['default'];