Merge pull request #9447 from mattclegg/docs__GridFieldDetailForm_ItemRequest-httpError

[DOCS] Better debug text for errors generated by GridFieldDetailForm_ItemRequest

composer.json

@@ -55,7 +55,8 @@
     "require-dev": {
         "phpunit/phpunit": "^5.7",
         "sminnee/phpunit-mock-objects": "^3.4.5",
-        "silverstripe/versioned": "^1"
+        "silverstripe/versioned": "^1",
+        "squizlabs/php_codesniffer": "^3.5"
     },
     "provide": {
         "psr/container-implementation": "1.0.0"
@@ -104,4 +105,4 @@
     },
     "minimum-stability": "dev",
     "prefer-stable": true
-}
+}

lang/en.yml

@@ -111,6 +111,8 @@ en:
     NEW: 'Add new record'
     NEXT: 'Go to next record'
     PREVIOUS: 'Go to previous record'
+    EditPermissionsFailure: 'It seems you don''t have the necessary permissions to edit "{ObjectTitle}"'
+    ViewPermissionsFailure: 'It seems you don''t have the necessary permissions to view "{ObjectTitle}"'
   SilverStripe\Forms\GridField\GridFieldEditButton:
     EDIT: Edit
   SilverStripe\Forms\GridField\GridFieldFilterHeader:

phpcs.xml.dist

@@ -18,7 +18,7 @@
 		<exclude name="Generic.Files.LineLength.TooLong" />
 		<exclude name="PEAR.Functions.ValidDefaultValue.NotAtEnd" />
 	</rule>
-	<rule phpcbf-only="true" ref="Squiz.Strings.ConcatenationSpacing">
+	<rule ref="Squiz.Strings.ConcatenationSpacing">
 		<properties>
 			<property name="spacing" value="1" />
 			<property name="ignoreNewlines" value="true"/>

src/Forms/GridField/GridFieldDetailForm_ItemRequest.php

@@ -111,7 +111,11 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
     public function view($request)
     {
         if (!$this->record->canView()) {
-            $this->httpError(403);
+            $this->httpError(403, _t(
+                __CLASS__ . '.ViewPermissionsFailure',
+                'It seems you don\'t have the necessary permissions to view "{ObjectTitle}"',
+                ['ObjectTitle' => $this->record->singular_name()]
+            ));
         }
 
         $controller = $this->getToplevelController();
@@ -189,8 +193,11 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 
         if (!$this->record->canView()) {
             $controller = $this->getToplevelController();
-            // TODO More friendly error
+            return $controller->httpError(403, _t(
-            return $controller->httpError(403);
+                __CLASS__ . '.ViewPermissionsFailure',
+                'It seems you don\'t have the necessary permissions to view "{ObjectTitle}"',
+                ['ObjectTitle' => $this->record->singular_name()]
+            ));
         }
 
         $fields = $this->component->getFields();
@@ -490,7 +497,12 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 
         // Check permission
         if (!$this->record->canEdit()) {
-            return $this->httpError(403);
+            $this->httpError(403, _t(
+                __CLASS__ . '.EditPermissionsFailure',
+                'It seems you don\'t have the necessary permissions to edit "{ObjectTitle}"',
+                ['ObjectTitle' => $this->record->singular_name()]
+            ));
+            return null;
         }
 
         // Save from form data

src/Security/PasswordExpirationMiddleware.php

@@ -25,13 +25,13 @@ class PasswordExpirationMiddleware implements HTTPMiddleware
     /**
      * Session key for persisting URL of the password change form
      */
-    const SESSION_KEY_REDIRECT = __CLASS__.'.change password redirect';
+    const SESSION_KEY_REDIRECT = __CLASS__ . '.change password redirect';
 
     /**
      * Session key for persisting a flag allowing to process the current request
      * without performing password expiration check
      */
-    const SESSION_KEY_ALLOW_CURRENT_REQUEST = __CLASS__.'.allow current request';
+    const SESSION_KEY_ALLOW_CURRENT_REQUEST = __CLASS__ . '.allow current request';
 
     /**
      * List of URL patterns allowed for users to visit where