Commit 0746de62 authored by Bertrand Gauthier's avatar Bertrand Gauthier
Browse files

Ajout d'une stratégie pour renvoyer une réponse "403 Unauthorized" en cas de...

Ajout d'une stratégie pour renvoyer une réponse "403 Unauthorized" en cas de requête AJAX et rediriger vers la page d'auth pour les requêtes non AJAX.
parent 4f5c6f4d
......@@ -107,7 +107,8 @@ $bjyauthorize = array(
),
// strategy service name for the strategy listener to be used when permission-related errors are detected
'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
// 'unauthorized_strategy' => 'BjyAuthorize\View\RedirectionStrategy',
'unauthorized_strategy' => 'UnicaenAuth\View\RedirectionStrategy',
/* Currently, only controller and route guards exist
*/
......@@ -168,6 +169,7 @@ return array(
'unicaen-auth_user_service' => 'UnicaenAuth\Service\User',
'UnicaenAuth\Authentication\Storage\Db' => 'UnicaenAuth\Authentication\Storage\Db',
'UnicaenAuth\Authentication\Storage\Ldap' => 'UnicaenAuth\Authentication\Storage\Ldap',
'UnicaenAuth\View\RedirectionStrategy' => 'UnicaenAuth\View\RedirectionStrategy',
),
'abstract_factories' => array(
'UnicaenAuth\Authentication\Adapter\AbstractFactory',
......
<?php
namespace UnicaenAuth\View;
use Zend\Mvc\MvcEvent;
use BjyAuthorize\View\UnauthorizedStrategy;
/**
* Modification du mécanisme standard : pas de redirection s'il s'agit d'une requête AJAX.
*
* @author Bertrand GAUTHIER <bertrand.gauthier at unicaen.fr>
*/
class RedirectionStrategy extends \BjyAuthorize\View\RedirectionStrategy
{
/**
* Handles redirects in case of dispatch errors caused by unauthorized access
*
* @param \Zend\Mvc\MvcEvent $event
*/
public function onDispatchError(MvcEvent $event)
{
$request = $event->getRequest();
if (!$request->isXmlHttpRequest()) {
return parent::onDispatchError($event);
}
$sl = $event->getApplication()->getServiceManager();
$unauthorizedStrategy = $sl->get('BjyAuthorize\View\UnauthorizedStrategy'); /* @var $unauthorizedStrategy UnauthorizedStrategy */
$unauthorizedStrategy->onDispatchError($event);
}
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment