API CHANGE: Added Security::set_login_url() so that you can define an alternative log-in page if you have made one yourself.

Sam Minnee 2011-03-16 16:13:14 +13:00 committed by Ingo Schommer
parent 33a1fc7b3a
commit d8bfc0bb48
4 changed files with 30 additions and 7 deletions


@ -652,7 +652,7 @@ class Debug {
$_SESSION['Security']['Message']['type'] = 'warning'; $_SESSION['Security']['Message']['type'] = 'warning';
$_SESSION['BackURL'] = $_SERVER['REQUEST_URI']; $_SESSION['BackURL'] = $_SERVER['REQUEST_URI'];
header($_SERVER['SERVER_PROTOCOL'] . " 302 Found"); header($_SERVER['SERVER_PROTOCOL'] . " 302 Found");
header("Location: " . Director::baseURL() . "Security/login"); header("Location: " . Director::baseURL() . Security::login_url());
die(); die();
} }
} }
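Review bot: The new `Location` header is built as `Director::baseURL() . Security::login_url()`, so the configured value only works when it is a path relative to the site base; an absolute URL or a value with a leading slash would give a malformed redirect target. Nothing in the visible changes states that constraint, so I would note it at the call site, e.g. `// login_url() must be a base-relative path; it is appended to Director::baseURL()`. The enclosing method starts outside this hunk.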


@ -242,7 +242,10 @@ class Security extends Controller {
// Audit logging hook // Audit logging hook
$controller->extend('permissionDenied', $member); $controller->extend('permissionDenied', $member);
$controller->redirect("Security/login?BackURL=" . urlencode($_SERVER['REQUEST_URI'])); $controller->redirect(
Config::inst()->get('Security', 'login_url')
. "?BackURL=" . urlencode($_SERVER['REQUEST_URI'])
);
} }
return; return;
} }
@ -927,8 +930,25 @@ class Security extends Controller {
public static function set_ignore_disallowed_actions($flag) { public static function set_ignore_disallowed_actions($flag) {
self::$ignore_disallowed_actions = $flag; self::$ignore_disallowed_actions = $flag;
} }
public static function ignore_disallowed_actions() { public static function ignore_disallowed_actions() {
return self::$ignore_disallowed_actions; return self::$ignore_disallowed_actions;
} }
protected static $login_url = "Security/login";
/**
* Set a custom log-in URL if you have built your own log-in page.
*/
public static function set_login_url($loginUrl) {
self::$login_url = $loginUrl;
}
/**
* Get the URL of the log-in page.
* Defaults to Security/login but can be re-set with {@link set_login_url()}
*/
public static function login_url() {
return self::$login_url;
}
} }
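Review bot: The redirect in the first hunk reads the login page through `Config::inst()->get('Security', 'login_url')`, while `set_login_url()` in the second hunk writes `self::$login_url` and the Debug change reads it via `Security::login_url()`; two read paths for one setting can drift, and these lines do not show that a value set through the setter is seen by the Config lookup. I would use the accessor here: `$controller->redirect(self::login_url() . "?BackURL=" . urlencode($_SERVER['REQUEST_URI']));`. Separately, the `"?BackURL="` concatenation assumes the configured URL has no query string of its own. The docblock on `set_login_url()` should say that the value is expected to be a base-relative path without a query string, and that it must come from site configuration rather than request data, since it ends up in a redirect target. The method containing the first hunk starts outside that hunk.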


@ -252,7 +252,7 @@ class DirectorTest extends SapphireTest {
} }
public function testForceSSLOnSubPagesPattern() { public function testForceSSLOnSubPagesPattern() {
$_SERVER['REQUEST_URI'] = Director::baseURL() . 'Security/login'; $_SERVER['REQUEST_URI'] = Director::baseURL() . Config::inst()->get('Security', 'login_url');
$output = Director::forceSSL(array('/^Security/')); $output = Director::forceSSL(array('/^Security/'));
$this->assertEquals($output, 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); $this->assertEquals($output, 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
} }
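Review bot: `testForceSSLOnSubPagesPattern` now takes the request path from the configured login URL, but the pattern passed to `Director::forceSSL()` is still the literal `'/^Security/'`, so the test only holds while the login URL keeps its default `Security/` prefix. The test is about forceSSL pattern matching rather than the login page, so keeping the literal `'Security/login'` path would be the simpler choice. If the configured value is kept, derive the pattern from it as well, e.g. `array('/^' . preg_quote($loginUrl, '/') . '/')` with `$loginUrl` holding the configured value.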


@ -57,7 +57,10 @@ class SecurityTest extends FunctionalTest {
$response = $this->get('SecurityTest_SecuredController'); $response = $this->get('SecurityTest_SecuredController');
$this->assertEquals(302, $response->getStatusCode()); $this->assertEquals(302, $response->getStatusCode());
$this->assertContains('Security/login', $response->getHeader('Location')); $this->assertContains(
Config::inst()->get('Security', 'login_url'),
$response->getHeader('Location')
);
$this->logInWithPermission('ADMIN'); $this->logInWithPermission('ADMIN');
$response = $this->get('SecurityTest_SecuredController'); $response = $this->get('SecurityTest_SecuredController');
@ -74,7 +77,7 @@ class SecurityTest extends FunctionalTest {
$this->session()->inst_set('loggedInAs', $member->ID); $this->session()->inst_set('loggedInAs', $member->ID);
/* View the Security/login page */ /* View the Security/login page */
$response = $this->get('Security/login'); $response = $this->get(Config::inst()->get('Security', 'login_url'));
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.action'); $items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.action');
@ -108,7 +111,7 @@ class SecurityTest extends FunctionalTest {
$this->autoFollowRedirection = true; $this->autoFollowRedirection = true;
/* Attempt to get into the admin section */ /* Attempt to get into the admin section */
$response = $this->get('Security/login/'); $response = $this->get(Config::inst()->get('Security', 'login_url'));
$items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.text'); $items = $this->cssParser()->getBySelector('#MemberLoginForm_LoginForm input.text');
@ -396,7 +399,7 @@ class SecurityTest extends FunctionalTest {
public function doTestLoginForm($email, $password, $backURL = 'test/link') { public function doTestLoginForm($email, $password, $backURL = 'test/link') {
$this->get('Security/logout'); $this->get('Security/logout');
$this->session()->inst_set('BackURL', $backURL); $this->session()->inst_set('BackURL', $backURL);
$this->get('Security/login'); $this->get(Config::inst()->get('Security', 'login_url'));
return $this->submitForm( return $this->submitForm(
"MemberLoginForm_LoginForm", "MemberLoginForm_LoginForm",