mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
API CHANGE: Add Security::ignore_disallowed_actions() to allow site features to be disabled when permissions have failed, rather than redirecting to the log-in form. (Trac #7097)
This commit is contained in:
parent
09e821efc3
commit
3f0136749b
@ -158,6 +158,8 @@ class Security extends Controller {
|
|||||||
* to log in.
|
* to log in.
|
||||||
*/
|
*/
|
||||||
static function permissionFailure($controller = null, $messageSet = null) {
|
static function permissionFailure($controller = null, $messageSet = null) {
|
||||||
|
self::set_ignore_disallowed_actions(true);
|
||||||
|
|
||||||
if(!$controller) $controller = Controller::curr();
|
if(!$controller) $controller = Controller::curr();
|
||||||
|
|
||||||
if(Director::is_ajax()) {
|
if(Director::is_ajax()) {
|
||||||
@ -864,4 +866,18 @@ class Security extends Controller {
|
|||||||
return self::$default_login_dest;
|
return self::$default_login_dest;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected static $ignore_disallowed_actions = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Set to true to ignore access to disallowed actions, rather than returning permission failure
|
||||||
|
* Note that this is just a flag that other code needs to check with Security::ignore_disallowed_actions()
|
||||||
|
* @param $flag True or false
|
||||||
|
*/
|
||||||
|
public static function set_ignore_disallowed_actions($flag) {
|
||||||
|
self::$ignore_disallowed_actions = $flag;
|
||||||
|
}
|
||||||
|
public static function ignore_disallowed_actions() {
|
||||||
|
return self::$ignore_disallowed_actions;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -612,7 +612,9 @@ class SSViewer {
|
|||||||
if(Director::isDev() || Director::is_cli() || Permission::check('ADMIN')) {
|
if(Director::isDev() || Director::is_cli() || Permission::check('ADMIN')) {
|
||||||
self::flush_template_cache();
|
self::flush_template_cache();
|
||||||
} else {
|
} else {
|
||||||
return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
|
if(!Security::ignore_disallowed_actions()) {
|
||||||
|
return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user