issue #28: adding permission denied error page
							parent
							
								
									11900a55b3
								
							
						
					
					
						commit
						cdfe3c85d2
					
				|  | @ -261,4 +261,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'Изпратен е имейл с информация за възстановяване на паролата.', | 		'success_password_forgot' => 'Изпратен е имейл с информация за възстановяване на паролата.', | ||||||
| 		'success_password_reset' => 'Вашата парола е променена успешно. Моля, влезте в системата.', | 		'success_password_reset' => 'Вашата парола е променена успешно. Моля, влезте в системата.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -261,4 +261,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'En e-mail er blevet sendt til dig med oplysninger om, hvordan du nulstiller din adgangskode.', | 		'success_password_forgot' => 'En e-mail er blevet sendt til dig med oplysninger om, hvordan du nulstiller din adgangskode.', | ||||||
| 		'success_password_reset' => 'Dit password er blevet nulstillet. venligst log ind.', | 		'success_password_reset' => 'Dit password er blevet nulstillet. venligst log ind.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -261,4 +261,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | ||||||
| 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -261,4 +261,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | ||||||
| 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -259,4 +259,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | ||||||
| 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -260,4 +260,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'Un email vous a été envoyé pour réinitialiser votre mot de passe.', | 		'success_password_forgot' => 'Un email vous a été envoyé pour réinitialiser votre mot de passe.', | ||||||
| 		'success_password_reset' => 'Votre mot de passe a été réinitialisé.', | 		'success_password_reset' => 'Votre mot de passe a été réinitialisé.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -259,4 +259,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | ||||||
| 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -259,4 +259,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | 		'success_password_forgot' => 'An email has been sent to you with information how to reset your password.', | ||||||
| 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | 		'success_password_reset' => 'Your password has been reset successfully. Please login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -260,4 +260,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'Er is een mail verstuurd met informatie om je wachtwoord aan te passen.', | 		'success_password_forgot' => 'Er is een mail verstuurd met informatie om je wachtwoord aan te passen.', | ||||||
| 		'success_password_reset' => 'Je wachtwoord is aangepast. Je kunt nu inloggen.', | 		'success_password_reset' => 'Je wachtwoord is aangepast. Je kunt nu inloggen.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'U heeft niet de juiste bevoegdheden om deze pagina te bekijken.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -261,4 +261,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => 'Um email foi enviado para você com as instruções de redefinição de senha.', | 		'success_password_forgot' => 'Um email foi enviado para você com as instruções de redefinição de senha.', | ||||||
| 		'success_password_reset' => 'Sua senha foi redefinida com sucesso. Por favor faça login.', | 		'success_password_reset' => 'Sua senha foi redefinida com sucesso. Por favor faça login.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -260,4 +260,8 @@ $sm_lang = array( | ||||||
| 		'success_password_forgot' => '密码重设邮件已发送.', | 		'success_password_forgot' => '密码重设邮件已发送.', | ||||||
| 		'success_password_reset' => '密码重设成功.请登录.', | 		'success_password_reset' => '密码重设成功.请登录.', | ||||||
| 	), | 	), | ||||||
|  | 	'error' => array( | ||||||
|  | 		'401_unauthorized' => 'Unauthorized', | ||||||
|  | 		'401_unauthorized_description' => 'You do not have the privileges to view this page.', | ||||||
|  | 	), | ||||||
| ); | ); | ||||||
|  |  | ||||||
|  | @ -152,10 +152,13 @@ abstract class AbstractController implements ControllerInterface { | ||||||
| 	/** | 	/** | ||||||
| 	 * Initialize the controller. | 	 * Initialize the controller. | ||||||
| 	 * | 	 * | ||||||
|  | 	 * @param string $action if NULL, the action will be retrieved from user input (GET/POST) | ||||||
| 	 * @return \Symfony\Component\HttpFoundation\Response | 	 * @return \Symfony\Component\HttpFoundation\Response | ||||||
| 	 */ | 	 */ | ||||||
| 	public function initialize() { | 	public function initialize($action = null) { | ||||||
| 		$action = psm_GET('action', psm_POST('action', $this->action_default)); | 		if($action === null) { | ||||||
|  | 			$action = psm_GET('action', psm_POST('action', $this->action_default)); | ||||||
|  | 		} | ||||||
| 		$this->xhr = (bool) psm_GET('xhr', psm_POST('xhr', false)); | 		$this->xhr = (bool) psm_GET('xhr', psm_POST('xhr', false)); | ||||||
| 
 | 
 | ||||||
| 		if(!in_array($action, $this->actions) || !($result = $this->initializeAction($action))) { | 		if(!in_array($action, $this->actions) || !($result = $this->initializeAction($action))) { | ||||||
|  |  | ||||||
|  | @ -0,0 +1,56 @@ | ||||||
|  | <?php | ||||||
|  | /** | ||||||
|  |  * PHP Server Monitor | ||||||
|  |  * Monitor your servers and websites. | ||||||
|  |  * | ||||||
|  |  * This file is part of PHP Server Monitor. | ||||||
|  |  * PHP Server Monitor is free software: you can redistribute it and/or modify | ||||||
|  |  * it under the terms of the GNU General Public License as published by | ||||||
|  |  * the Free Software Foundation, either version 3 of the License, or | ||||||
|  |  * (at your option) any later version. | ||||||
|  |  * | ||||||
|  |  * PHP Server Monitor is distributed in the hope that it will be useful, | ||||||
|  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||||
|  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||||
|  |  * GNU General Public License for more details. | ||||||
|  |  * | ||||||
|  |  * You should have received a copy of the GNU General Public License | ||||||
|  |  * along with PHP Server Monitor.  If not, see <http://www.gnu.org/licenses/>. | ||||||
|  |  * | ||||||
|  |  * @package     phpservermon | ||||||
|  |  * @author      Pepijn Over <pep@neanderthal-technology.com> | ||||||
|  |  * @copyright   Copyright (c) 2008-2014 Pepijn Over <pep@neanderthal-technology.com> | ||||||
|  |  * @license     http://www.gnu.org/licenses/gpl.txt GNU GPL v3 | ||||||
|  |  * @version     Release: @package_version@ | ||||||
|  |  * @link        http://www.phpservermonitor.org/ | ||||||
|  |  * @since       phpservermon 3.1 | ||||||
|  |  **/ | ||||||
|  | 
 | ||||||
|  | namespace psm\Module\Error\Controller; | ||||||
|  | use psm\Module\AbstractController; | ||||||
|  | use psm\Service\Database; | ||||||
|  | use psm\Service\Template; | ||||||
|  | 
 | ||||||
|  | class ErrorController extends AbstractController { | ||||||
|  | 
 | ||||||
|  | 	function __construct(Database $db, Template $tpl) { | ||||||
|  | 		parent::__construct($db, $tpl); | ||||||
|  | 
 | ||||||
|  | 		$this->setMinUserLevelRequired(PSM_USER_ANONYMOUS); | ||||||
|  | 
 | ||||||
|  | 		$this->setActions(array( | ||||||
|  | 			'401', | ||||||
|  | 		), '401'); | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
|  | 	/** | ||||||
|  | 	 * 401 error page | ||||||
|  | 	 */ | ||||||
|  | 	protected function execute401() { | ||||||
|  | 		$this->setTemplateId('error', 'error/error.tpl.html'); | ||||||
|  | 		$this->tpl->addTemplateData('error', array( | ||||||
|  | 			'label_title' => psm_get_lang('error', '401_unauthorized'), | ||||||
|  | 			'label_description' => psm_get_lang('error', '401_unauthorized_description'), | ||||||
|  | 		)); | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | @ -0,0 +1,39 @@ | ||||||
|  | <?php | ||||||
|  | /** | ||||||
|  |  * PHP Server Monitor | ||||||
|  |  * Monitor your servers and websites. | ||||||
|  |  * | ||||||
|  |  * This file is part of PHP Server Monitor. | ||||||
|  |  * PHP Server Monitor is free software: you can redistribute it and/or modify | ||||||
|  |  * it under the terms of the GNU General Public License as published by | ||||||
|  |  * the Free Software Foundation, either version 3 of the License, or | ||||||
|  |  * (at your option) any later version. | ||||||
|  |  * | ||||||
|  |  * PHP Server Monitor is distributed in the hope that it will be useful, | ||||||
|  |  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||||
|  |  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||||
|  |  * GNU General Public License for more details. | ||||||
|  |  * | ||||||
|  |  * You should have received a copy of the GNU General Public License | ||||||
|  |  * along with PHP Server Monitor.  If not, see <http://www.gnu.org/licenses/>. | ||||||
|  |  * | ||||||
|  |  * @package     phpservermon | ||||||
|  |  * @author      Pepijn Over <pep@neanderthal-technology.com> | ||||||
|  |  * @copyright   Copyright (c) 2008-2014 Pepijn Over <pep@neanderthal-technology.com> | ||||||
|  |  * @license     http://www.gnu.org/licenses/gpl.txt GNU GPL v3 | ||||||
|  |  * @version     Release: @package_version@ | ||||||
|  |  * @link        http://www.phpservermonitor.org/ | ||||||
|  |  * @since       phpservermon 3.1 | ||||||
|  |  **/ | ||||||
|  | 
 | ||||||
|  | namespace psm\Module\Error; | ||||||
|  | use psm\Module\ModuleInterface; | ||||||
|  | 
 | ||||||
|  | class ErrorModule implements ModuleInterface { | ||||||
|  | 	public function getControllers() { | ||||||
|  | 		return array( | ||||||
|  | 			'error' => __NAMESPACE__ . '\Controller\ErrorController', | ||||||
|  | 		); | ||||||
|  | 
 | ||||||
|  | 	} | ||||||
|  | } | ||||||
|  | @ -83,6 +83,7 @@ class Router { | ||||||
| 	public function getModules() { | 	public function getModules() { | ||||||
| 		return array( | 		return array( | ||||||
| 			'config' => new Module\Config\ConfigModule(), | 			'config' => new Module\Config\ConfigModule(), | ||||||
|  | 			'error' => new Module\Error\ErrorModule(), | ||||||
| 			'server' => new Module\Server\ServerModule(), | 			'server' => new Module\Server\ServerModule(), | ||||||
| 			'user' => new Module\User\UserModule(), | 			'user' => new Module\User\UserModule(), | ||||||
| 			'install' => new Module\Install\InstallModule(), | 			'install' => new Module\Install\InstallModule(), | ||||||
|  | @ -122,21 +123,20 @@ class Router { | ||||||
| 		} | 		} | ||||||
| 		// get min required level for this controller and make sure the user matches
 | 		// get min required level for this controller and make sure the user matches
 | ||||||
| 		$min_lvl = $controller->getMinUserLevelRequired(); | 		$min_lvl = $controller->getMinUserLevelRequired(); | ||||||
|  | 		$action = null; | ||||||
| 
 | 
 | ||||||
| 		if($min_lvl < PSM_USER_ANONYMOUS) { | 		if($min_lvl < PSM_USER_ANONYMOUS) { | ||||||
| 			// if user is not logged in, load login module
 | 			// if user is not logged in, load login module
 | ||||||
| 			if(!$this->services['user']->isUserLoggedIn()) { | 			if(!$this->services['user']->isUserLoggedIn()) { | ||||||
| 				// redirect to login
 |  | ||||||
| 				$controller = $this->getController('user_login'); | 				$controller = $this->getController('user_login'); | ||||||
| 			} elseif($this->services['user']->getUserLevel() > $min_lvl) { | 			} elseif($this->services['user']->getUserLevel() > $min_lvl) { | ||||||
| 				// @todo perhaps show a nice permission denied page
 | 				$controller = $this->getController('error'); | ||||||
| 				die('You do not have the privileges to view this page.'); | 				$action = '401'; | ||||||
| 			} | 			} | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		$controller->setUser($this->services['user']); | 		$controller->setUser($this->services['user']); | ||||||
| 		// let the module prepare it's HTML code
 | 		$response = $controller->initialize($action); | ||||||
| 		$response = $controller->initialize(); |  | ||||||
| 
 | 
 | ||||||
| 		if(!($response instanceof Response)) { | 		if(!($response instanceof Response)) { | ||||||
| 			throw new \LogicException('Controller did not return a Response object.'); | 			throw new \LogicException('Controller did not return a Response object.'); | ||||||
|  |  | ||||||
|  | @ -0,0 +1,4 @@ | ||||||
|  | <!--%tpl_error--> | ||||||
|  | <h2>{label_title}</h2> | ||||||
|  | <p>{label_description}</p> | ||||||
|  | <!--%%tpl_error--> | ||||||
		Loading…
	
		Reference in New Issue
	
	 Pepijn Over
						Pepijn Over