Throw 403/412 when using ajax as appropriate
Added error pages
This commit is contained in:
parent
783964ee59
commit
25d9fbf846
@ -70,7 +70,7 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
|
|||||||
|
|
||||||
// Actions that start with ajax, should only be ajax
|
// Actions that start with ajax, should only be ajax
|
||||||
if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
|
if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
|
||||||
die();
|
throw HTTP_Exception::factory(412,_('Unable to fulfil request.'));
|
||||||
|
|
||||||
parent::before();
|
parent::before();
|
||||||
|
|
||||||
@ -82,18 +82,9 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
|
|||||||
// If auth is required and the user is logged in, then they dont have access.
|
// If auth is required and the user is logged in, then they dont have access.
|
||||||
// (We have already checked authorisation.)
|
// (We have already checked authorisation.)
|
||||||
if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
|
if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
|
||||||
if (Config::sitemode() == Kohana::DEVELOPMENT)
|
if ($this->request->is_ajax())
|
||||||
SystemMessage::add(array(
|
throw HTTP_Exception::factory(403,_('You dont have enough permissions.'));
|
||||||
'title'=>_('Insufficient Access'),
|
else
|
||||||
'type'=>'debug',
|
|
||||||
'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)),
|
|
||||||
));
|
|
||||||
|
|
||||||
// @todo Login No Access redirects are not handled in JS?
|
|
||||||
if ($this->request->is_ajax()) {
|
|
||||||
echo _('You dont have enough permissions.');
|
|
||||||
die();
|
|
||||||
} else
|
|
||||||
HTTP::redirect('login/noaccess');
|
HTTP::redirect('login/noaccess');
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
|
5
views/errors/403.php
Normal file
5
views/errors/403.php
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
<h1>Oops!</h1>
|
||||||
|
<h2>403 Not Found or Not Authorised?</h2>
|
||||||
|
<div class="error-details">
|
||||||
|
Sorry, either the item doesnt exist, or you are not authorised to see it.
|
||||||
|
</div>
|
5
views/errors/404.php
Normal file
5
views/errors/404.php
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
<h1>Oops!</h1>
|
||||||
|
<h2>404 Not Found?</h2>
|
||||||
|
<div class="error-details">
|
||||||
|
Sorry, an error has occured, requested page not found?
|
||||||
|
</div>
|
5
views/errors/412.php
Normal file
5
views/errors/412.php
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
<h1>Oops!</h1>
|
||||||
|
<h2>412 Unable to fulfil your request?</h2>
|
||||||
|
<div class="error-details">
|
||||||
|
Your request needs more information before it can be fulfilled.
|
||||||
|
</div>
|
6
views/errors/501.php
Normal file
6
views/errors/501.php
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
<h1>Oops!</h1>
|
||||||
|
<h2>501 Bother, something went wrong.</h2>
|
||||||
|
<?php echo $message; ?>
|
||||||
|
<div class="error-details">
|
||||||
|
If this keeps happening, please let us know.
|
||||||
|
</div>
|
Reference in New Issue
Block a user