Throw 403/412 when using ajax as appropriate

Added error pages
2013-05-15 17:06:23 +10:00
parent 783964ee59
commit 25d9fbf846
5 changed files with 25 additions and 13 deletions
--- a/classes/lnApp/Controller/TemplateDefault.php
+++ b/classes/lnApp/Controller/TemplateDefault.php
@@ -70,7 +70,7 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa

 		// Actions that start with ajax, should only be ajax
 		if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
-			die();
+			throw HTTP_Exception::factory(412,_('Unable to fulfil request.'));

 		parent::before();

@@ -82,18 +82,9 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
 			// If auth is required and the user is logged in, then they dont have access.
 			// (We have already checked authorisation.)
 			if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
-				if (Config::sitemode() == Kohana::DEVELOPMENT)
-					SystemMessage::add(array(
-						'title'=>_('Insufficient Access'),
-						'type'=>'debug',
-						'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)),
-					));
-
-				// @todo Login No Access redirects are not handled in JS?
-				if ($this->request->is_ajax()) {
-					echo _('You dont have enough permissions.');
-					die();
-				} else
+				if ($this->request->is_ajax())
+					throw HTTP_Exception::factory(403,_('You dont have enough permissions.'));
+				else
 					HTTP::redirect('login/noaccess');

 			} else {