Fix fallback authentication handling errors

Previously, it was relying on notification push apps to cause the fatal error. This was fortunate, but not the correct behavior.
horde · Feb 4, 2014 · 8a62cd3 · 8a62cd3
1 parent 4332138
commit 8a62cd3
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 16 deletions.
diff --git a/framework/Core/lib/Horde/Core/Ajax/Application.php b/framework/Core/lib/Horde/Core/Ajax/Application.php
@@ -80,15 +80,19 @@ public function __construct($app, Horde_Variables $vars, $action = null,
 
         $this->_init();
 
+        $auth = $registry->currentProcessAuth();
         $ob = $this->_getHandler();
 
         /* Non-authenticated actions MUST occur in a handler. */
-        if (!$ob && !$registry->currentProcessAuth()) {
+        if (!$ob && !$auth) {
             throw new Horde_Exception('Accessing AJAX action without being authenticated.');
         }
 
         /* Check authentication/token. */
         if ($ob && !$ob->external($action)) {
+            if (!$auth) {
+                throw new Horde_Exception('Accessing AJAX action without being authenticated.');
+            }
             $session->checkToken($token);
         }
 

diff --git a/framework/Core/lib/Horde/Registry.php b/framework/Core/lib/Horde/Registry.php
@@ -253,7 +253,7 @@ static public function appInit($app, array $args = array())
         // For 'fallback' authentication, try authentication first.
         if ($args['authentication'] === 'fallback') {
             $fallback_auth = true;
-            $args['authentication'] = '';
+            $args['authentication'] = null;
         } else {
             $fallback_auth = false;
         }
@@ -287,23 +287,33 @@ static public function appInit($app, array $args = array())
         $appob = $registry->getApiInstance($app, 'application');
         $appob->initParams = $args;
 
-        try {
-            $registry->pushApp($app, array(
-                'check_perms' => ($args['authentication'] != 'none'),
-                'logintasks' => !$args['nologintasks'],
-                'notransparent' => !empty($args['notransparent'])
-            ));
+        do {
+            try {
+                $registry->pushApp($app, array(
+                    'check_perms' => ($args['authentication'] != 'none'),
+                    'logintasks' => !$args['nologintasks'],
+                    'notransparent' => !empty($args['notransparent'])
+                ));
 
-            if ($args['admin'] && !$registry->isAdmin()) {
-                throw new Horde_Exception(Horde_Core_Translation::t("Not an admin"));
-            }
-        } catch (Horde_Exception_PushApp $e) {
-            if ($fallback_auth) {
-                $args['authentication'] = 'none';
-                $registry->authException = $e;
-                return self::appInit($app, $args);
+                if ($args['admin'] && !$registry->isAdmin()) {
+                    throw new Horde_Exception(Horde_Core_Translation::t("Not an admin"));
+                }
+
+                $e = null;
+            } catch (Horde_Exception_PushApp $e) {
+                if ($fallback_auth) {
+                    $registry->authException = $e;
+                    $registry->setAuthenticationSetting('none');
+                    $args['authentication'] = 'none';
+                    $fallback_auth = false;
+                    continue;
+                }
             }
 
+            break;
+        } while (true);
+
+        if (!is_null($e)) {
             $appob->appInitFailure($e);
 
             switch ($e->getCode()) {
@@ -584,6 +594,7 @@ public function setAuthenticationSetting($authentication)
     {
         $this->_args['authentication'] = $authentication;
         $this->_obCache = array();
+        while ($this->popApp());
     }
 
     /**