From f54697930efb4e6acf174a4b0fc570521a8b8788 Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Wed, 16 Mar 2011 15:45:43 +1300
Subject: [PATCH] API CHANGE: Add a PermissionFailureException that can be
 thrown to trigger a log-in.

---
 control/RequestHandler.php              |  2 ++
 security/PermissionFailureException.php | 10 ++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 security/PermissionFailureException.php

diff --git a/control/RequestHandler.php b/control/RequestHandler.php
index c67793762..38221aa75 100644
--- a/control/RequestHandler.php
+++ b/control/RequestHandler.php
@@ -184,6 +184,8 @@ class RequestHandler extends ViewableData {
 							$result = $this->$action($request);
 						} catch(SS_HTTPResponse_Exception $responseException) {
 							$result = $responseException->getResponse();
+						} catch(PermissionFailureException $e) {
+							$result = Security::permissionFailure(null, $e->getMessage());
 						}
 					} else {
 						return $this->httpError(403, "Action '$action' isn't allowed on class " . get_class($this));
diff --git a/security/PermissionFailureException.php b/security/PermissionFailureException.php
new file mode 100644
index 000000000..97b50e39c
--- /dev/null
+++ b/security/PermissionFailureException.php
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * Throw this exception to register that a user doesn't have permission to do the given action
+ * and potentially redirect them to the log-in page.  The exception message may be presented to the
+ * user, so it shouldn't be in nerd-speak.
+ */
+class PermissionFailureException extends Exception {
+
+}
\ No newline at end of file