Throw 403/412 when using ajax as appropriate

Added error pages
This commit is contained in:
Deon George 2013-05-15 17:06:23 +10:00
parent 783964ee59
commit 25d9fbf846
5 changed files with 25 additions and 13 deletions

View File

@ -70,7 +70,7 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
// Actions that start with ajax, should only be ajax // Actions that start with ajax, should only be ajax
if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax()) if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
die(); throw HTTP_Exception::factory(412,_('Unable to fulfil request.'));
parent::before(); parent::before();
@ -82,18 +82,9 @@ abstract class lnApp_Controller_TemplateDefault extends Kohana_Controller_Templa
// If auth is required and the user is logged in, then they dont have access. // If auth is required and the user is logged in, then they dont have access.
// (We have already checked authorisation.) // (We have already checked authorisation.)
if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) { if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
if (Config::sitemode() == Kohana::DEVELOPMENT) if ($this->request->is_ajax())
SystemMessage::add(array( throw HTTP_Exception::factory(403,_('You dont have enough permissions.'));
'title'=>_('Insufficient Access'), else
'type'=>'debug',
'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)),
));
// @todo Login No Access redirects are not handled in JS?
if ($this->request->is_ajax()) {
echo _('You dont have enough permissions.');
die();
} else
HTTP::redirect('login/noaccess'); HTTP::redirect('login/noaccess');
} else { } else {

5
views/errors/403.php Normal file
View File

@ -0,0 +1,5 @@
<h1>Oops!</h1>
<h2>403 Not Found or Not Authorised?</h2>
<div class="error-details">
Sorry, either the item doesnt exist, or you are not authorised to see it.
</div>

5
views/errors/404.php Normal file
View File

@ -0,0 +1,5 @@
<h1>Oops!</h1>
<h2>404 Not Found?</h2>
<div class="error-details">
Sorry, an error has occured, requested page not found?
</div>

5
views/errors/412.php Normal file
View File

@ -0,0 +1,5 @@
<h1>Oops!</h1>
<h2>412 Unable to fulfil your request?</h2>
<div class="error-details">
Your request needs more information before it can be fulfilled.
</div>

6
views/errors/501.php Normal file
View File

@ -0,0 +1,6 @@
<h1>Oops!</h1>
<h2>501 Bother, something went wrong.</h2>
<?php echo $message; ?>
<div class="error-details">
If this keeps happening, please let us know.
</div>