Improve the access denied (403) page

This is an improved version of the current access denied (403) page based on the built-in not found (404) page. Shows a link to the CMS backend if the user is logged in and doesn't have permissions for the backend page it's trying to access, but does have permissions for the CMS backend. Please note that the following languages are machine translated: ja, pt-br, ru and sv.
2014-06-16 22:46:11 +02:00 · 2014-06-16 22:46:11 +02:00 · bbd2915637
parent df25c5d9f7
commit bbd2915637
10 changed files with 64 additions and 3 deletions
--- a/modules/backend/classes/Controller.php
+++ b/modules/backend/classes/Controller.php
@ -3,6 +3,7 @@
 use Str;
 use Log;
 use Lang;
+use View;
 use Flash;
 use Request;
 use Backend;
@ -145,7 +146,7 @@ class Controller extends Extendable
            // Not logged in, redirect to login screen or show ajax error
            if (!BackendAuth::check()) {
                return Request::ajax()
-                    ? Response::make('Access Forbidden', '403')
+                    ? Response::make(View::make('backend::403'), 403)
                    : Redirect::guest(Backend::url('backend/auth'));
            }

@ -153,8 +154,12 @@ class Controller extends Extendable
            $this->user = BackendAuth::getUser();

            // Check his access groups against the page definition
-            if ($this->requiredPermissions && !$this->user->hasAnyAccess($this->requiredPermissions))
-                return Response::make('Access Forbidden', '403');
+            if ($this->requiredPermissions && !$this->user->hasAnyAccess($this->requiredPermissions)) {
+                if ($this->user->hasAnyAccess(['cms.*']))
+                    return Response::make(View::make('backend::403', ['cms_link' => '<a href="'.Backend::url('cms').'">'.Lang::get('cms::lang.page.access_denied.cms_link').'</a>']), 403);
+
+                return Response::make(View::make('backend::403'), 403);
+            }
        }

        /*
--- a/modules/backend/views/403.php
+++ b/modules/backend/views/403.php
@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title><?= Lang::get('cms::lang.page.access_denied.label') ?></title>
+    <link href="<?= URL::to('/modules/system/assets/vendor/font-autumn/css/font-autumn.css') ?>" rel="stylesheet">
+    <link href="<?= URL::to('/modules/system/assets/css/styles.css') ?>" rel="stylesheet">
+</head>
+<body>
+<div class="container">
+    <h1><i class="icon-lock warning"></i> <?= Lang::get('cms::lang.page.access_denied.label') ?></h1>
+    <p class="lead"><?= Lang::get('cms::lang.page.access_denied.help') ?></p>
+    <?php if (isset($cms_link)) echo $cms_link; ?>
+</div>
+</body>
+</html>
--- a/modules/cms/lang/de/lang.php
+++ b/modules/cms/lang/de/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Seite nicht gefunden",
            'help' => "Die angeforderte Seite kann nicht gefunden werden.",
        ],
+        'access_denied' => [
+            'label' => "Zugriff verweigert",
+            'help' => "Sie haben nicht die erforderlichen Berechtigungen, um diese Seite zu sehen.",
+            'cms_link' => "Zum CMS-Backend",
+        ],
        'custom_error' => [
            'label' => "Seitenfehler",
            'help' => "Entschuldigung, ein Fehler trat auf, sodass die gewünschte Seite nicht angezeigt werden kann.",
--- a/modules/cms/lang/en/lang.php
+++ b/modules/cms/lang/en/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Page not found",
            'help' => "The requested page cannot be found.",
        ],
+        'access_denied' => [
+            'label' => "Access denied",
+            'help' => "You don't have the required permissions to view this page.",
+            'cms_link' => "Go to CMS backend",
+        ],
        'custom_error' => [
            'label' => "Page error",
            'help' => "We're sorry, but something went wrong and the page cannot be displayed.",
--- a/modules/cms/lang/ja/lang.php
+++ b/modules/cms/lang/ja/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "ページが見つかりません。",
            'help' => "要求されているページが見つかりません。",
        ],
+        'access_denied' => [
+            'label' => "アクセスが拒否されました",
+            'help' => "このページを表示するために必要な権限がありません。",
+            'cms_link' => "CMSのバックエンドに行く",
+        ],
        'custom_error' => [
            'label' => "ページエラー。",
            'help' => "恐れいります。何かが間違っているようで、ページが表示できません。",
--- a/modules/cms/lang/nl/lang.php
+++ b/modules/cms/lang/nl/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Pagina niet gevonden",
            'help' => "De opgevraagde pagina bestaat niet.",
        ],
+        'access_denied' => [
+            'label' => "Toegang geweigerd",
+            'help' => "Je hebt niet de benodigde rechten om deze pagina te bekijken.",
+            'cms_link' => "Ga naar CMS backend",
+        ],
        'custom_error' => [
            'label' => "Paginafout",
            'help' => "Onze excuses, er is iets mis gegaan. De opgevraagde pagina kan niet worden getoond.",
--- a/modules/cms/lang/pt-br/lang.php
+++ b/modules/cms/lang/pt-br/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Página não encontrada",
            'help' => "A página solicitada não pode ser encontrada.",
        ],
+        'access_denied' => [
+            'label' => "Acesso negado",
+            'help' => "Você não tem as permissões necessárias para visualizar esta página.",
+            'cms_link' => "Ir para CMS backend",
+        ],
        'custom_error' => [
            'label' => "Erro na página",
            'help' => "Lamentamos, mas algo deu errado e que a página não pode ser exibida.",
--- a/modules/cms/lang/ru/lang.php
+++ b/modules/cms/lang/ru/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Страница не найдена",
            'help' => "Запрошенная страница не найдена.",
        ],
+        'access_denied' => [
+            'label' => "доступ запрещен",
+            'help' => "Вы не должны необходимые разрешения для просмотра этой страницы.",
+            'cms_link' => "К CMS серверной",
+        ],
        'custom_error' => [
            'label' => "Ошибка на странице",
            'help' => "К сожалению, страница не может быть отображена из-за ошибки.",
--- a/modules/cms/lang/sv/lang.php
+++ b/modules/cms/lang/sv/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Sidan kunde ej hittas",
            'help' => "Den begärda sidan kunde ej hittas",
        ],
+        'access_denied' => [
+            'label' => "Nekat tillträde",
+            'help' => "Du har inte behörighet att visa den här sidan.",
+            'cms_link' => "Gå till CMS backend",
+        ],
        'custom_error' => [
            'label' => "Sidfel",
            'help' => "Tyvärr kan inte sidan visas",
--- a/modules/cms/lang/tr/lang.php
+++ b/modules/cms/lang/tr/lang.php
@ -27,6 +27,11 @@ return [
            'label' => "Sayfa bulunamadı",
            'help' => "İstenilen sayfa bulunamadı.",
        ],
+        'access_denied' => [
+            'label' => "Giriş engellendi",
+            'help' => "Bu sayfayı görüntülemek için gerekli izinlere sahip değilsiniz.",
+            'cms_link' => "CMS uç git",
+        ],
        'custom_error' => [
            'label' => "Sayfa hatası",
            'help' => "Üzgünüz, bir şeyler ters gitti ve sayfa görüntülenemiyor.",