From 3f0136749b10781d93ea8f13e478a37089e93b70 Mon Sep 17 00:00:00 2001
From: Sam Minnee
Date: Fri, 15 Jun 2012 15:17:32 +1200
Subject: [PATCH] API CHANGE: Add Security::ignore_disallowed_actions() to allow site features to be disabled when permissions have failed, rather than redirecting to the log-in form. (Trac #7097)
---
 security/Security.php | 16 ++++++++++++++++
 view/SSViewer.php | 4 +++-
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/security/Security.php b/security/Security.php
index ec99a6cc6..205b9a070 100644
--- a/security/Security.php
+++ b/security/Security.php
@@ -158,6 +158,8 @@ class Security extends Controller {
 * to log in.
 */
 static function permissionFailure($controller = null, $messageSet = null) {
+ self::set_ignore_disallowed_actions(true);
+
 if(!$controller) $controller = Controller::curr();
 if(Director::is_ajax()) {
@@ -864,4 +866,18 @@ class Security extends Controller {
 return self::$default_login_dest;
 }
+ protected static $ignore_disallowed_actions = false;
+
+ /**
+ * Set to true to ignore access to disallowed actions, rather than returning permission failure
+ * Note that this is just a flag that other code needs to check with Security::ignore_disallowed_actions()
+ * @param $flag True or false
+ */
+ public static function set_ignore_disallowed_actions($flag) {
+ self::$ignore_disallowed_actions = $flag;
+ }
+ public static function ignore_disallowed_actions() {
+ return self::$ignore_disallowed_actions;
+ }
+
 }
diff --git a/view/SSViewer.php b/view/SSViewer.php
index 23b1f4eaf..70215dbfc 100644
--- a/view/SSViewer.php
+++ b/view/SSViewer.php
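Review bot: The added `self::set_ignore_disallowed_actions(true);` at the top of permissionFailure() switches the flag on as a side effect of every call, and nothing in this patch switches it back off, so it stays set for the rest of the PHP process. That is harmless within one web request, but where one process serves several requests (functional tests, CLI runs) an earlier failure would make every later check that honours the flag skip its login redirect. I would add a why-comment such as `// A failure is already being handled; later checks should skip their feature instead of redirecting again`, and reset the flag wherever per-request state is torn down. permissionFailure()'s body continues outside the hunk, so any reset further down is not visible here.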
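Review bot: The docblock on set_ignore_disallowed_actions() in the second Security.php hunk does not say what a caller must do when the flag is set, and the name can be misread as "let disallowed actions through". State the contract explicitly, for example `* Callers that see true must skip the protected action; the flag never grants access.` The getter and the `$ignore_disallowed_actions` property have no docblock at all; the getter should carry `@return bool`, and the setter should store `(bool)$flag` so that return type holds. Because the setter is public and static, any code can turn off login redirects for every check that honours the flag, which deserves a sentence in the docblock as well.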
@@ -612,7 +612,9 @@ class SSViewer {
 if(Director::isDev() || Director::is_cli() || Permission::check('ADMIN')) {
 self::flush_template_cache();
 } else {
- return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
+ if(!Security::ignore_disallowed_actions()) {
+ return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
+ }
 }
 }
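Review bot: In the new `else` branch a caller without ADMIN rights now falls through silently when Security::ignore_disallowed_actions() returns true; the cache is not flushed, which is the safe outcome, but nothing in the code says this is deliberate. Add a comment such as `// Permission already failed elsewhere: leave the cache alone rather than redirecting again`, and collapse the nested block to `} else if(!Security::ignore_disallowed_actions()) {` so the fail-closed path is visible at a glance. The enclosing method starts and ends outside the hunk, so it is not possible to tell from here whether later code assumes the flush took place.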