Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

API CHANGE: Add Security::ignore_disallowed_actions() to allow site f…

…eatures to be disabled when permissions have failed, rather than redirecting to the log-in form. (Trac #7097)
  • Loading branch information...
commit 3f0136749b10781d93ea8f13e478a37089e93b70 1 parent 09e821e
@sminnee sminnee authored
Showing with 19 additions and 1 deletion.
  1. +16 −0 security/Security.php
  2. +3 −1 view/SSViewer.php
View
16 security/Security.php
@@ -158,6 +158,8 @@ static function set_default_message_set($messageSet) {
* to log in.
*/
static function permissionFailure($controller = null, $messageSet = null) {
+ self::set_ignore_disallowed_actions(true);
+
if(!$controller) $controller = Controller::curr();
if(Director::is_ajax()) {
@@ -864,4 +866,18 @@ public static function default_login_dest() {
return self::$default_login_dest;
}
+ protected static $ignore_disallowed_actions = false;
+
+ /**
+ * Set to true to ignore access to disallowed actions, rather than returning permission failure
+ * Note that this is just a flag that other code needs to check with Security::ignore_disallowed_actions()
+ * @param $flag True or false
+ */
+ public static function set_ignore_disallowed_actions($flag) {
+ self::$ignore_disallowed_actions = $flag;
+ }
+ public static function ignore_disallowed_actions() {
+ return self::$ignore_disallowed_actions;
+ }
+
}
View
4 view/SSViewer.php
@@ -612,7 +612,9 @@ public function __construct($templateList) {
if(Director::isDev() || Director::is_cli() || Permission::check('ADMIN')) {
self::flush_template_cache();
} else {
- return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
+ if(!Security::ignore_disallowed_actions()) {
+ return Security::permissionFailure(null, 'Please log in as an administrator to flush the template cache.');
+ }
}
}
Please sign in to comment.
Something went wrong with that request. Please try again.