/** * Register that we've had a permission failure trying to view the given page * * This will redirect to a login page. * If you don't provide a messageSet, a default will be used. * * @param Controller $controller The controller that you were on to cause the permission * failure. * @param string|array $messageSet The message to show to the user. This * can be a string, or a map of different * messages for different contexts. * If you pass an array, you can use the * following keys: * - default: The default message * - logInAgain: The message to show * if the user has just * logged out and the * - alreadyLoggedIn: The message to * show if the user * is already logged * in and lacks the * permission to * access the item. */ static function permissionFailure($controller = null, $messageSet = null) { if(Director::is_ajax()) { $response = ($controller) ? $controller->getResponse() : new HTTPResponse(); $response->setStatusCode(403); $response->setBody('NOTLOGGEDIN:'); return $response; } else { // Prepare the messageSet provided if(!$messageSet) { if(self::$default_message_set) { $messageSet = self::$default_message_set; } else { $messageSet = array( 'default' => _t( 'Security.NOTEPAGESECURED', "That page is secured. Enter your credentials below and we will send you right along." ), 'alreadyLoggedIn' => _t( 'Security.ALREADYLOGGEDIN', "You don't have access to this page. If you have another account that can access that page, you can log in below." ), 'logInAgain' => _t( 'Security.LOGGEDOUT', "You have been logged out. If you would like to log in again, enter your credentials below." ) ); } } if(!is_array($messageSet)) { $messageSet = array('default' => $messageSet); } // Work out the right message to show if(Member::currentUserID()) { $message = isset($messageSet['alreadyLoggedIn']) ? $messageSet['alreadyLoggedIn'] : $messageSet['default']; if($member = Member::currentUser()) { $member->logOut(); } } else if(substr(Director::history(),0,15) == 'Security/logout') { $message = $messageSet['logInAgain'] ? $messageSet['logInAgain'] : $messageSet['default']; } else { $message = $messageSet['default']; } Session::set("Security.Message.message", $message); Session::set("Security.Message.type", 'warning'); Session::set("BackURL", $_SERVER['REQUEST_URI']); // TODO AccessLogEntry needs an extension to handle permission denied errors // Audit logging hook if($controller) $controller->extend('permissionDenied', $member); Director::redirect("Security/login"); } return; }