Permalink
Browse files

API CHANGE: Add a PermissionFailureException that can be thrown to tr…

…igger a log-in.
  • Loading branch information...
1 parent 6cb1570 commit f54697930efb4e6acf174a4b0fc570521a8b8788 @sminnee sminnee committed with chillu Mar 16, 2011
Showing with 12 additions and 0 deletions.
  1. +2 −0 control/RequestHandler.php
  2. +10 −0 security/PermissionFailureException.php
@@ -184,6 +184,8 @@ public function handleRequest(SS_HTTPRequest $request, DataModel $model) {
$result = $this->$action($request);
} catch(SS_HTTPResponse_Exception $responseException) {
$result = $responseException->getResponse();
+ } catch(PermissionFailureException $e) {
+ $result = Security::permissionFailure(null, $e->getMessage());
}
} else {
return $this->httpError(403, "Action '$action' isn't allowed on class " . get_class($this));
@@ -0,0 +1,10 @@
+<?php
+
+/**
+ * Throw this exception to register that a user doesn't have permission to do the given action
+ * and potentially redirect them to the log-in page. The exception message may be presented to the
+ * user, so it shouldn't be in nerd-speak.
+ */
+class PermissionFailureException extends Exception {
+
+}

0 comments on commit f546979

Please sign in to comment.