Add an exception when not allowed to "Access Administration Interface" #262
Conversation
|
👍 |
|
There should be a manifest script added to the package blocking installs on On Friday, August 19, 2016, andrepereiradasilva [email protected]
|
i know and has about to write that here. |
| if (!JFactory::getUser()->authorise('core.manage', 'com_weblinks')) | ||
| { | ||
| return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR')); | ||
| throw new JAccessExceptionNotallowed(JText::_('JERROR_ALERTNOAUTHOR'), 403); |
There was a problem hiding this comment.
I don't like the name of that exception. In English it reads like the exception is not allowed! But I suppose there isn't much to be done about it given the autoloader, right?
There was a problem hiding this comment.
Pretty much. In our namespaced code the Exception objects either get into
their own namespace or don't have this issue of fighting with a camel cased
autoloader but can enjoy the benefit of PSR-4 rules. I don't like the
names of the cache and database exceptions I added either but it's all the
same problem in the end.
On Friday, August 19, 2016, Chris Davenport [email protected]
wrote:
In src/administrator/components/com_weblinks/weblinks.php
#262 (comment)
:@@ -12,7 +12,7 @@
if (!JFactory::getUser()->authorise('core.manage', 'com_weblinks'))
{
- return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
- throw new JAccessExceptionNotallowed(JText::_('JERROR_ALERTNOAUTHOR'), 403);
I don't like the name of that exception. In English it reads like the
exception is not allowed! But I suppose there isn't much to be done about
it given the autoloader, right?—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/joomla-extensions/weblinks/pull/262/files/cfa32e7ec46893a49d281460600711c8df8ec7d6#r75564612,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoQ1qh4gcBAC8W_OBJRSH6qdp5LU6ks5qhjr7gaJpZM4Jo65Y
.
|
Can we move this forward? As we have the same exeption |
|
this can only be merged if the next weblinks version is only 3.6.3+ |
|
@andrepereiradasilva imo weblinks should only support latest stable release. But it's probably a PLT decision needed on that.. |
|
@andrepereiradasilva Can you update this PR to block installs prior to 3.6.3? I can't think of any good reason to support earlier versions. Thanks. |
|
i think that should not be related to this PR, but the release itself |
|
Thank you @andrepereiradasilva, we will add a check that we only support latest 3.6 version. |
5 participants
Summary of Changes
This PR does for weblinks what was already done and merged for the core.
Replace existing 404 JError for a 403 php exception (JAccessExceptionNotallowed) when the user does not have access to "Access Administration Interface" (core.manage).
See also joomla/joomla-cms#11608
Testing Instructions
Code review.