Browse files

Modified internal access request handling to avoid eternal redirects,

fixes #33
  • Loading branch information...
1 parent 87871f1 commit a634113dabf4b07adc77cfef203769a2cd844c1e @vimofthevine committed Jun 21, 2010
Showing with 22 additions and 7 deletions.
  1. +1 −0 RELEASENOTES.md
  2. +21 −7 classes/controller/admin/base.php
View
1 RELEASENOTES.md
@@ -1,3 +1,4 @@
# Admin Module Release Notes
+* June 21, 2010 - Fixed eternal redirect bug when an internal access denial tries to redirect (issue #33)
* June 15, 2010 - **API change** - Refactored functions into separate template and base controllers (issue #20)
View
28 classes/controller/admin/base.php
@@ -11,7 +11,7 @@
*/
abstract class Controller_Admin_Base extends Controller_Template_Admin {
- /*
+ /**
* @var array Action-to-privilege ACL map
*/
protected $_acl_map = array('default' => NULL);
@@ -109,16 +109,24 @@ public function before() {
Message::instance()->error($ae->getMessage(),
array(':resource' => $this->_resource));
- // If controller-level access is denied, redirect to admin main
- if ($this->request->action == 'index')
+ // If internal request, redirect to denied action
+ if ($this->_internal)
{
- Request::instance()->redirect(Route::get('admin')->uri());
+ $this->request->action = 'denied';
}
- // Else action-level access is denied, redirect to default action
else
{
- $this->request->redirect( $this->request->uri(
- array('action' => 'index', 'id' => NULL)) );
+ // If controller-level access is denied, redirect to admin main
+ if ($this->request->action == 'index')
+ {
+ $this->request->redirect( Route::get('admin')->uri());
+ }
+ // Else action-level access is denied, redirect to default action
+ else
+ {
+ $this->request->redirect( $this->request->uri(
+ array('action' => 'index', 'id' => NULL)) );
+ }
}
}
catch (Kohana_Exception $ke)
@@ -174,5 +182,11 @@ protected function _load_resource() { }
*/
protected function _menu() { }
+ /**
+ * Controller-level access denial message for
+ * internal requests
+ */
+ public function action_denied() { }
+
} // End of Controller_Admin_Base

0 comments on commit a634113

Please sign in to comment.