Commit 3d184f6a48b791740f3b030e7d4658cdb4937d33
1 parent
958a2dc3
handle anonymous permissions more gracefully.
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@5707 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
2 changed files
with
14 additions
and
11 deletions
lib/dispatcher.inc.php
| ... | ... | @@ -204,11 +204,16 @@ class KTStandardDispatcher extends KTDispatcher { |
| 204 | 204 | } |
| 205 | 205 | |
| 206 | 206 | function permissionDenied () { |
| 207 | - global $default; | |
| 208 | - | |
| 209 | - $msg = '<h2>' . _kt('Permission Denied') . '</h2>'; | |
| 210 | - $msg .= '<p>' . _kt('If you feel that this is incorrect, please report both the action and your username to a system administrator.') . '</p>'; | |
| 211 | - | |
| 207 | + // handle anonymous specially. | |
| 208 | + if ($this->oUser->getId() == -2) { | |
| 209 | + redirect(KTUtil::ktLink('login.php','',sprintf("redirect=%s&errorMessage=%s", urlencode($_SERVER['REQUEST_URI']), urlencode(_kt("You must be logged in to perform this action"))))); exit(0); | |
| 210 | + } | |
| 211 | + | |
| 212 | + global $default; | |
| 213 | + | |
| 214 | + $msg = '<h2>' . _kt('Permission Denied') . '</h2>'; | |
| 215 | + $msg .= '<p>' . _kt('If you feel that this is incorrect, please report both the action and your username to a system administrator.') . '</p>'; | |
| 216 | + | |
| 212 | 217 | $this->oPage->setPageContents($msg); |
| 213 | 218 | $this->oPage->setUser($this->oUser); |
| 214 | 219 | $this->oPage->hideSection(); | ... | ... |
view.php
| ... | ... | @@ -111,7 +111,7 @@ class ViewDocumentDispatcher extends KTStandardDispatcher { |
| 111 | 111 | return $this->do_error(); |
| 112 | 112 | } else if (!Permission::userHasDocumentReadPermission($oDocument)) { |
| 113 | 113 | $this->oPage->addError(_kt('You are not allowed to view this document')); |
| 114 | - return $this->do_error(); | |
| 114 | + return $this->permissionDenied(); | |
| 115 | 115 | } |
| 116 | 116 | } |
| 117 | 117 | |
| ... | ... | @@ -350,7 +350,7 @@ class ViewDocumentDispatcher extends KTStandardDispatcher { |
| 350 | 350 | if (!Permission::userHasDocumentReadPermission($oDocument)) { |
| 351 | 351 | // FIXME inconsistent. |
| 352 | 352 | $this->oPage->addError(_kt('You are not allowed to view this document')); |
| 353 | - return $this->do_error(); | |
| 353 | + return $this->permissionDenied(); | |
| 354 | 354 | } |
| 355 | 355 | |
| 356 | 356 | $this->oDocument =& $oDocument; |
| ... | ... | @@ -457,10 +457,8 @@ class ViewDocumentDispatcher extends KTStandardDispatcher { |
| 457 | 457 | return $oTemplate->render($aTemplateData); |
| 458 | 458 | } |
| 459 | 459 | |
| 460 | - /* we have a lot of error handling. this one is the absolute final failure. */ | |
| 461 | 460 | function do_error() { |
| 462 | - return ''; // allow normal rendering of errors. | |
| 463 | - // FIXME show something useful / generic. | |
| 461 | + return ' '; // don't actually do anything. | |
| 464 | 462 | } |
| 465 | 463 | |
| 466 | 464 | function do_startComparison() { |
| ... | ... | @@ -487,7 +485,7 @@ class ViewDocumentDispatcher extends KTStandardDispatcher { |
| 487 | 485 | if (!Permission::userHasDocumentReadPermission($oDocument)) { |
| 488 | 486 | // FIXME inconsistent. |
| 489 | 487 | $this->oPage->addError(_kt('You are not allowed to view this document')); |
| 490 | - return $this->do_error(); | |
| 488 | + return $this->permissionDenied(); | |
| 491 | 489 | } |
| 492 | 490 | $this->oDocument =& $oDocument; |
| 493 | 491 | $this->oPage->setSecondaryTitle($oDocument->getName()); | ... | ... |