From 17c8834fd151834fdc8b6fd83dc3a9f32f32a555 Mon Sep 17 00:00:00 2001 From: Axel Rutz Date: Fri, 20 May 2011 01:08:02 +0200 Subject: [PATCH 1/3] fixes #465390 - redirect to user/{login|register} on anon access denied, making unified login possible, with auth 403 fallback --- logintoboggan.admin.inc | 37 +++++++++++++++++------------------ logintoboggan.install | 2 + logintoboggan.module | 48 ++++++++++++++++++++++------------------------ 3 files changed, 43 insertions(+), 44 deletions(-) diff --git a/logintoboggan.admin.inc b/logintoboggan.admin.inc index 695bb0c..27d2ead 100644 --- a/logintoboggan.admin.inc +++ b/logintoboggan.admin.inc @@ -130,25 +130,24 @@ function logintoboggan_main_settings() { '#tree' => FALSE, ); - $site403 = variable_get('site_403', ''); - if ($site403 == '') { - $disabled = $default = '0'; - } - elseif ($site403 == 'toboggan/denied') { - $disabled = '0'; - $default = 'toboggan/denied'; - } - else { - $disabled = $default = $site403; - } - $options = array($disabled => $_disabled, 'toboggan/denied' => $_enabled); + $options = array( + 0 => $_disabled, + 'user/login' => t('Login'), + 'user/register' => t('Register'), + ); - $form['other']['logintoboggan_site_403'] = array( + $form['other']['logintoboggan_anon_403'] = array( '#type' => 'radios', - '#title' => t('Present login form on access denied (403)'), + '#title' => t('Redirect anonymous to login or redirect form on access denied (403)'), '#options' => $options, - '#default_value' => $default, - '#description' => t('Anonymous users will be presented with a login form along with an access denied message.') + '#default_value' => variable_get('logintoboggan_anon_403', ''), + '#description' => t('Anonymous users will be redirected to login or redirect form.') + ); + $form['other']['logintoboggan_auth_403'] = array( + '#type' => 'textfield', + '#title' => t('Redirect authenticated users on access denied (403)'), + '#default_value' => variable_get('logintoboggan_auth_403', ''), + '#description' => t('Authenticated users will be redirected to this page on access denied.') ); $form['other']['logintoboggan_login_successful_message'] = array( '#type' => 'radios', @@ -195,9 +194,9 @@ function logintoboggan_main_settings_submit($form, &$form_state) { unset($form_state['values']['logintoboggan_user_email_verification']); // Site 403 setting. - $site_403 = $form_state['values']['logintoboggan_site_403'] == '0' ? '' : $form_state['values']['logintoboggan_site_403']; - variable_set('site_403', $site_403); - unset($form_state['values']['logintoboggan_site_403']); + $anon_403 = &$form_state['values']['logintoboggan_anon_403']; + if($anon_403 == '0') $anon_403 =''; + if($anon_403) variable_set('site_403', 'toboggan/denied'); // If the unified login setting has been changed, we need to rebuild the // menu cache. diff --git a/logintoboggan.install b/logintoboggan.install index 5f20e8f..5c8e100 100644 --- a/logintoboggan.install +++ b/logintoboggan.install @@ -54,6 +54,8 @@ function logintoboggan_uninstall() { 'logintoboggan_minimum_password_length', 'logintoboggan_immediate_login_on_register', 'logintoboggan_override_destination_parameter', + 'logintoboggan_anon_403', + 'logintoboggan_auth_403', ); foreach ($variables as $variable) { variable_del($variable); diff --git a/logintoboggan.module b/logintoboggan.module index 7ec765f..2ff9422 100755 --- a/logintoboggan.module +++ b/logintoboggan.module @@ -415,18 +415,6 @@ function logintoboggan_js_alter(&$javascript) { } } -/** - * Implement hook_page_alter(). - */ -function logintoboggan_page_alter(&$page) { - // Remove blocks on access denied pages. - if (isset($page['#logintoboggan_denied'])) { - drupal_set_message(t('Access denied. You may need to login below or register to access this page.'), 'error'); - unset($page['sidebar_first'], $page['sidebar_second']); - } -} - - /** @@ -888,21 +876,31 @@ function _logintoboggan_toggleboggan ($form) { return $form; } +/** + * process access denied handling + * + * calling path is now in $_GET['destination'], + * the former value of which is lost + * @see drupal_deliver_html_page + * + * we have to clear $_GET['destination'], + * otherwise drupal_goto() will create infinite loops + */ function logintoboggan_denied() { - if ($GLOBALS['user']->uid == 0) { - // Output the user login form. - drupal_set_title(t('Access Denied / User log in')); - $output = drupal_get_form('user_login'); - drupal_set_page_content($output); - // Return page attributes, hide blocks. - $page = element_info('page'); - $page['#logintoboggan_denied'] = TRUE; - } - else { - drupal_set_title(t('Access Denied')); - $page = theme('lt_access_denied'); + $original_path = $_GET['destination']; + unset($_GET['destination']); + if ($GLOBALS['user']->uid == 0 + && ($path = drupal_get_normal_path(variable_get('logintoboggan_anon_403', ''))) + && ($path != $original_path)) { + drupal_goto($path, array('query'=>array('destination'=>$original_path))); + } elseif(($path = drupal_get_normal_path(variable_get('logintoboggan_auth_403', ''))) + && ($path != $original_path)) { + drupal_goto($path, array('query'=>array('destination'=>$original_path))); + } else { + // Standard 403 handler. + drupal_set_title(t('Access denied')); + $return = t('You are not authorized to access this page.'); } - return $page; } /** -- 1.7.1