Merge pull request #1756 from halkyon/permission_denied_hook

BUG Security::permissionFailure() fixing permissionDenied hook inconsistency
This commit is contained in:
Sean Harvey 2013-05-13 02:15:58 -07:00
commit 15f7c884f8

View File

@ -222,17 +222,20 @@ class Security extends Controller {
$messageSet = array('default' => $messageSet); $messageSet = array('default' => $messageSet);
} }
$member = Member::currentUser();
// Work out the right message to show // Work out the right message to show
if(Member::currentUser()) { if($member && $member->exists()) {
$response = ($controller) ? $controller->getResponse() : new SS_HTTPResponse(); $response = ($controller) ? $controller->getResponse() : new SS_HTTPResponse();
$response->setStatusCode(403); $response->setStatusCode(403);
//If 'alreadyLoggedIn' is not specified in the array, then use the default //If 'alreadyLoggedIn' is not specified in the array, then use the default
//which should have been specified in the lines above //which should have been specified in the lines above
if(isset($messageSet['alreadyLoggedIn'])) if(isset($messageSet['alreadyLoggedIn'])) {
$message=$messageSet['alreadyLoggedIn']; $message = $messageSet['alreadyLoggedIn'];
else } else {
$message=$messageSet['default']; $message = $messageSet['default'];
}
// Somewhat hackish way to render a login form with an error message. // Somewhat hackish way to render a login form with an error message.
$me = new Security(); $me = new Security();
@ -240,8 +243,11 @@ class Security extends Controller {
$form->sessionMessage($message, 'warning'); $form->sessionMessage($message, 'warning');
Session::set('MemberLoginForm.force_message',1); Session::set('MemberLoginForm.force_message',1);
$formText = $me->login(); $formText = $me->login();
$response->setBody($formText); $response->setBody($formText);
$controller->extend('permissionDenied', $member);
return $response; return $response;
} else { } else {
$message = $messageSet['default']; $message = $messageSet['default'];