From 25d9fbf8469f1dfd1f34198720b81cb001b21131 Mon Sep 17 00:00:00 2001
From: Deon George <deon@leenooks.net>
Date: Wed, 15 May 2013 17:06:23 +1000
Subject: [PATCH] Throw 403/412 when using ajax as appropriate Added error
 pages

---
 classes/lnApp/Controller/TemplateDefault.php | 17 ++++-------------
 views/errors/403.php                         |  5 +++++
 views/errors/404.php                         |  5 +++++
 views/errors/412.php                         |  5 +++++
 views/errors/501.php                         |  6 ++++++
 5 files changed, 25 insertions(+), 13 deletions(-)
 create mode 100644 views/errors/403.php
 create mode 100644 views/errors/404.php
 create mode 100644 views/errors/412.php
 create mode 100644 views/errors/501.php

diff --git a/classes/lnApp/Controller/TemplateDefault.php b/classes/lnApp/Controller/TemplateDefault.php
index 87fd109..7c12de5 100644
--- a/classes/lnApp/Controller/TemplateDefault.php
+++ b/classes/lnApp/Controller/TemplateDefault.php
@@ -70,7 +70,7 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
 
 		// Actions that start with ajax, should only be ajax
 		if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
-			die();
+			throw HTTP_Exception::factory(412,_('Unable to fulfil request.'));
 
 		parent::before();
 
@@ -82,18 +82,9 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
 			// If auth is required and the user is logged in, then they dont have access.
 			// (We have already checked authorisation.)
 			if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
-				if (Config::sitemode() == Kohana::DEVELOPMENT)
-					SystemMessage::add(array(
-						'title'=>_('Insufficient Access'),
-						'type'=>'debug',
-						'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)),
-					));
-
-				// @todo Login No Access redirects are not handled in JS?
-				if ($this->request->is_ajax()) {
-					echo _('You dont have enough permissions.');
-					die();
-				} else
+				if ($this->request->is_ajax())
+					throw HTTP_Exception::factory(403,_('You dont have enough permissions.'));
+				else
 					HTTP::redirect('login/noaccess');
 
 			} else {
diff --git a/views/errors/403.php b/views/errors/403.php
new file mode 100644
index 0000000..e0e0516
--- /dev/null
+++ b/views/errors/403.php
@@ -0,0 +1,5 @@
+<h1>Oops!</h1>
+<h2>403 Not Found or Not Authorised?</h2>
+<div class="error-details">
+	Sorry, either the item doesnt exist, or you are not authorised to see it.
+</div>
diff --git a/views/errors/404.php b/views/errors/404.php
new file mode 100644
index 0000000..539ad46
--- /dev/null
+++ b/views/errors/404.php
@@ -0,0 +1,5 @@
+<h1>Oops!</h1>
+<h2>404 Not Found?</h2>
+<div class="error-details">
+	Sorry, an error has occured, requested page not found?
+</div>
diff --git a/views/errors/412.php b/views/errors/412.php
new file mode 100644
index 0000000..7f5120a
--- /dev/null
+++ b/views/errors/412.php
@@ -0,0 +1,5 @@
+<h1>Oops!</h1>
+<h2>412 Unable to fulfil your request?</h2>
+<div class="error-details">
+	Your request needs more information before it can be fulfilled.
+</div>
diff --git a/views/errors/501.php b/views/errors/501.php
new file mode 100644
index 0000000..2935092
--- /dev/null
+++ b/views/errors/501.php
@@ -0,0 +1,6 @@
+<h1>Oops!</h1>
+<h2>501 Bother, something went wrong.</h2>
+<?php echo $message; ?>
+<div class="error-details">
+	If this keeps happening, please let us know.
+</div>