/**
* If an SecurityException is being caught, ajax requests return a JSON error
* response and non ajax requests redirect to the index
* @param Controller $controller the controller that is being called
* @param string $methodName the name of the method that will be called on
* the controller
* @param \Exception $exception the thrown exception
* @throws \Exception the passed in exception if it cant handle it
* @return Response a Response object or null in case that the exception could not be handled
*/
public function afterException($controller, $methodName, \Exception $exception)
{
if ($exception instanceof SecurityException) {
if ($exception->isAjax()) {
$response = new JSONResponse(array('message' => $exception->getMessage()), $exception->getCode());
$this->api->log($exception->getMessage(), 'debug');
} else {
$url = $this->api->linkToAbsolute('index.php', '');
// TODO: replace with link to route
$response = new RedirectResponse($url);
$this->api->log($exception->getMessage(), 'debug');
}
// in case of HTTP auth we need to send the appropriate headers
if ($this->isAPICall && $exception->getCode() === Http::STATUS_UNAUTHORIZED) {
$response->addHeader('WWW-Authenticate', 'Basic realm="Authorisation Required"');
}
return $response;
} else {
throw $exception;
}
}
