TheCoreDev/sterivein
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #349 from lunika/dev

Browse Source 
AuthenticationException must be catch in renderRaw and not in render met...
This commit is contained in:
Manuel Raynaud
2014-04-29 10:52:36 +02:00
parent fd10b9d9a2 312b27a113
commit 7b826796f1
1 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
core/lib/Thelia/Controller/Admin/BaseAdminController.php
View File

@@ -403,12 +403,10 @@ class BaseAdminController extends BaseController
*/ */
protected function render($templateName, $args = array(), $status = 200) protected function render($templateName, $args = array(), $status = 200)
{ {
try { $response = $this->renderRaw($templateName, $args);
$response = Response::create($this->renderRaw($templateName, $args), $status);
} catch (AuthenticationException $ex) { if (!$response instanceof \Symfony\Component\HttpFoundation\Response) {
// User is not authenticated, and templates requires authentication -> redirect to login page $response = Response::create($response, $status);
// We user login_tpl as a path, not a template.
$response = RedirectResponse::create(URL::getInstance()->absoluteUrl($ex->getLoginTemplate()));
} }
return $response; return $response;
@@ -421,7 +419,7 @@ class BaseAdminController extends BaseController
* @param array $args the template arguments * @param array $args the template arguments
* @param null $templateDir * @param null $templateDir
* *
* @return \Thelia\Core\HttpFoundation\Response * @return string|\Symfony\Component\HttpFoundation\RedirectResponse
*/ */
protected function renderRaw($templateName, $args = array(), $templateDir = null) protected function renderRaw($templateName, $args = array(), $templateDir = null)
{ {
@@ -459,12 +457,17 @@ class BaseAdminController extends BaseController
// Render the template. // Render the template.
try { try {
$data = $this->getParser($templateDir)->render($templateName, $args); $content = $this->getParser($templateDir)->render($templateName, $args);
return $data; } catch (AuthenticationException $ex) {
// User is not authenticated, and templates requires authentication -> redirect to login page
// We user login_tpl as a path, not a template.
$content = RedirectResponse::create(URL::getInstance()->absoluteUrl($ex->getLoginTemplate()));
} catch (AuthorizationException $ex) { } catch (AuthorizationException $ex) {
// User is not allowed to perform the required action. Return the error page instead of the requested page. // User is not allowed to perform the required action. Return the error page instead of the requested page.
return $this->errorPage($this->getTranslator()->trans("Sorry, you are not allowed to perform this action."), 403); $content = $this->errorPage($this->getTranslator()->trans("Sorry, you are not allowed to perform this action."), 403);
} }
return $content;
} }
} }