BUG Fixing session keep alive for non-ADMIN users

SecurityAdmin isn't always available for CMS users, as they might
not have permission to view that section. This fixes the problem
with session keep alive by moving the ping to Security/ping, which
is available for all users.
This commit is contained in:
Sean Harvey 2012-11-05 15:41:10 +13:00
parent 42a5065199
commit 3451da001a
3 changed files with 9 additions and 11 deletions

View File

@ -80,7 +80,6 @@ class LeftAndMain extends Controller implements PermissionProvider {
'updatetreenodes', 'updatetreenodes',
'printable', 'printable',
'show', 'show',
'ping',
'EditorToolbar', 'EditorToolbar',
'EditForm', 'EditForm',
'AddForm', 'AddForm',
@ -398,15 +397,6 @@ class LeftAndMain extends Controller implements PermissionProvider {
return $this->getResponseNegotiator()->respond($request); return $this->getResponseNegotiator()->respond($request);
} }
/**
* admin/ping can be visited with ajax to keep a session alive.
* This is used in the CMS.
*/
public function ping() {
Requirements::clear();
return 1;
}
/** /**
* If this is set to true, the "switchView" context in the * If this is set to true, the "switchView" context in the
* template is shown, with links to the staging and publish site. * template is shown, with links to the staging and publish site.

View File

@ -38,7 +38,7 @@
// setup pinging for login expiry // setup pinging for login expiry
setInterval(function() { setInterval(function() {
$.ajax({ $.ajax({
url: 'admin/security/ping', url: 'Security/ping',
global: false, global: false,
type: 'POST', type: 'POST',
complete: onSessionLost complete: onSessionLost

View File

@ -14,6 +14,7 @@ class Security extends Controller {
'lostpassword', 'lostpassword',
'passwordsent', 'passwordsent',
'changepassword', 'changepassword',
'ping',
'LoginForm', 'LoginForm',
'ChangePasswordForm', 'ChangePasswordForm',
'LostPasswordForm', 'LostPasswordForm',
@ -294,6 +295,13 @@ class Security extends Controller {
return "Security/$action"; return "Security/$action";
} }
/**
* This action is available as a keep alive, so user
* sessions don't timeout. A common use is in the admin.
*/
public function ping() {
return 1;
}
/** /**
* Log the currently logged in user out * Log the currently logged in user out