From bbd2915637b94284ecacc40cc7d2894d4007f817 Mon Sep 17 00:00:00 2001
From: Louis Matthijssen
Date: Mon, 16 Jun 2014 22:46:11 +0200
Subject: [PATCH] Improve the access denied (403) page This is an improved version of the current access denied (403) page based on the built-in not found (404) page. Shows a link to the CMS backend if the user is logged in and doesn't have permissions for the backend page it's trying to access, but does have permissions for the CMS backend. Please note that the following languages are machine translated: ja, pt-br, ru and sv.
---
modules/backend/classes/Controller.php | 11 ++++++++---
modules/backend/views/403.php | 16 ++++++++++++++++
modules/cms/lang/de/lang.php | 5 +++++
modules/cms/lang/en/lang.php | 5 +++++
modules/cms/lang/ja/lang.php | 5 +++++
modules/cms/lang/nl/lang.php | 5 +++++
modules/cms/lang/pt-br/lang.php | 5 +++++
modules/cms/lang/ru/lang.php | 5 +++++
modules/cms/lang/sv/lang.php | 5 +++++
modules/cms/lang/tr/lang.php | 5 +++++
10 files changed, 64 insertions(+), 3 deletions(-)
create mode 100644 modules/backend/views/403.php
diff --git a/modules/backend/classes/Controller.php b/modules/backend/classes/Controller.php
index a95a068f6..e9a6d8ff7 100644
--- a/modules/backend/classes/Controller.php
+++ b/modules/backend/classes/Controller.php
@@ -3,6 +3,7 @@
 use Str;
 use Log;
 use Lang;
+use View;
 use Flash;
 use Request;
 use Backend;
@@ -145,7 +146,7 @@ class Controller extends Extendable
 // Not logged in, redirect to login screen or show ajax error
 if (!BackendAuth::check()) {
 return Request::ajax()
- ? Response::make('Access Forbidden', '403')
+ ? Response::make(View::make('backend::403'), 403)
 : Redirect::guest(Backend::url('backend/auth'));
 }
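Review bot: In the `!BackendAuth::check()` branch the AJAX reply changes from a short plain-text body to the fully rendered `backend::403` page, which is an awkward payload for a script caller and means the view is now served to clients that have not authenticated. Anything later added to that template (user details, link targets, installation details) would be returned before login, so I would keep the AJAX body minimal, for example `? Response::make(Lang::get('cms::lang.page.access_denied.label'), 403)`. Passing the status as the integer `403` rather than the string `'403'` is worth keeping. The enclosing method starts and ends outside this hunk.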
@@ -153,8 +154,12 @@ class Controller extends Extendable
 $this->user = BackendAuth::getUser();
 // Check his access groups against the page definition
- if ($this->requiredPermissions && !$this->user->hasAnyAccess($this->requiredPermissions))
- return Response::make('Access Forbidden', '403');
+ if ($this->requiredPermissions && !$this->user->hasAnyAccess($this->requiredPermissions)) {
+ if ($this->user->hasAnyAccess(['cms.*']))
+ return Response::make(View::make('backend::403', ['cms_link' => ''.Lang::get('cms::lang.page.access_denied.cms_link').'']), 403);
+
+ return Response::make(View::make('backend::403'), 403);
+ }
 }
 /*
diff --git a/modules/backend/views/403.php b/modules/backend/views/403.php
new file mode 100644
index 000000000..b22a32d05
--- /dev/null
+++ b/modules/backend/views/403.php
@@ -0,0 +1,16 @@
+
+
+
+
+ <?= Lang::get('cms::lang.page.access_denied.label') ?>
+
+
+
+
+
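Review bot: The `cms_link` value is assembled as a string in the controller and handed to the view, so the view has to print it unescaped; the two string literals around `Lang::get(...)` are empty as shown here, presumably anchor markup lost in extraction. I would pass only the link target and let `backend::403` build the anchor, escaping the translated label with `e(Lang::get('cms::lang.page.access_denied.cms_link'))` so that a translation string containing `<` or `"` cannot alter the markup; the same escaping applies to the `<?= Lang::get('cms::lang.page.access_denied.label') ?>` line in `modules/backend/views/403.php`. The inner `if ($this->user->hasAnyAccess(['cms.*']))` has no braces while the outer one just gained them, and the hard-coded `cms.*` pattern ties the backend base controller to the CMS module's permission names, which deserves a comment such as `// Offer the CMS link only to users holding at least one CMS permission`. The method body continues outside the hunk.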
+

+

+ +
+
+
\ No newline at end of file
diff --git a/modules/cms/lang/de/lang.php b/modules/cms/lang/de/lang.php
index 9d5f125f9..a2fc04250 100644
--- a/modules/cms/lang/de/lang.php
+++ b/modules/cms/lang/de/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Seite nicht gefunden",
 'help' => "Die angeforderte Seite kann nicht gefunden werden.",
 ],
+ 'access_denied' => [
+ 'label' => "Zugriff verweigert",
+ 'help' => "Sie haben nicht die erforderlichen Berechtigungen, um diese Seite zu sehen.",
+ 'cms_link' => "Zum CMS-Backend",
+ ],
 'custom_error' => [
 'label' => "Seitenfehler",
 'help' => "Entschuldigung, ein Fehler trat auf, sodass die gewünschte Seite nicht angezeigt werden kann.",
diff --git a/modules/cms/lang/en/lang.php b/modules/cms/lang/en/lang.php
index 87f0070dc..cf72933e6 100644
--- a/modules/cms/lang/en/lang.php
+++ b/modules/cms/lang/en/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Page not found",
 'help' => "The requested page cannot be found.",
 ],
+ 'access_denied' => [
+ 'label' => "Access denied",
+ 'help' => "You don't have the required permissions to view this page.",
+ 'cms_link' => "Go to CMS backend",
+ ],
 'custom_error' => [
 'label' => "Page error",
 'help' => "We're sorry, but something went wrong and the page cannot be displayed.",
diff --git a/modules/cms/lang/ja/lang.php b/modules/cms/lang/ja/lang.php
index 9082fdf6c..1cc818226 100644
--- a/modules/cms/lang/ja/lang.php
+++ b/modules/cms/lang/ja/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "ページが見つかりません。",
 'help' => "要求されているページが見つかりません。",
 ],
+ 'access_denied' => [
+ 'label' => "アクセスが拒否されました",
+ 'help' => "このページを表示するために必要な権限がありません。",
+ 'cms_link' => "CMSのバックエンドに行く",
+ ],
 'custom_error' => [
 'label' => "ページエラー。",
 'help' => "恐れいります。何かが間違っているようで、ページが表示できません。",
diff --git a/modules/cms/lang/nl/lang.php b/modules/cms/lang/nl/lang.php
index 0a59ce1d7..b803c969e 100644
--- a/modules/cms/lang/nl/lang.php
+++ b/modules/cms/lang/nl/lang.php
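Review bot: A guard on `cms_link` is needed in this template, because the controller renders `backend::403` both with and without that variable; something like `<?php if (isset($cms_link)): ?>` around the link avoids an undefined-variable notice on the plain 403 path. The markup is stripped on this page, so whether such a guard already exists cannot be confirmed from here. The view sits in the backend module but reads `cms::lang.page.access_denied.*` keys, so the page shows raw keys if the CMS language files are unavailable; moving the three strings under the backend module's language namespace would remove that dependency. The file also ends without a trailing newline.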
@@ -27,6 +27,11 @@ return [
 'label' => "Pagina niet gevonden",
 'help' => "De opgevraagde pagina bestaat niet.",
 ],
+ 'access_denied' => [
+ 'label' => "Toegang geweigerd",
+ 'help' => "Je hebt niet de benodigde rechten om deze pagina te bekijken.",
+ 'cms_link' => "Ga naar CMS backend",
+ ],
 'custom_error' => [
 'label' => "Paginafout",
 'help' => "Onze excuses, er is iets mis gegaan. De opgevraagde pagina kan niet worden getoond.",
diff --git a/modules/cms/lang/pt-br/lang.php b/modules/cms/lang/pt-br/lang.php
index 1c63967db..5dcd24371 100644
--- a/modules/cms/lang/pt-br/lang.php
+++ b/modules/cms/lang/pt-br/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Página não encontrada",
 'help' => "A página solicitada não pode ser encontrada.",
 ],
+ 'access_denied' => [
+ 'label' => "Acesso negado",
+ 'help' => "Você não tem as permissões necessárias para visualizar esta página.",
+ 'cms_link' => "Ir para CMS backend",
+ ],
 'custom_error' => [
 'label' => "Erro na página",
 'help' => "Lamentamos, mas algo deu errado e que a página não pode ser exibida.",
diff --git a/modules/cms/lang/ru/lang.php b/modules/cms/lang/ru/lang.php
index 9949689b6..8b6997104 100644
--- a/modules/cms/lang/ru/lang.php
+++ b/modules/cms/lang/ru/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Страница не найдена",
 'help' => "Запрошенная страница не найдена.",
 ],
+ 'access_denied' => [
+ 'label' => "доступ запрещен",
+ 'help' => "Вы не должны необходимые разрешения для просмотра этой страницы.",
+ 'cms_link' => "К CMS серверной",
+ ],
 'custom_error' => [
 'label' => "Ошибка на странице",
 'help' => "К сожалению, страница не может быть отображена из-за ошибки.",
diff --git a/modules/cms/lang/sv/lang.php b/modules/cms/lang/sv/lang.php
index ccc047f99..045d37d20 100644
--- a/modules/cms/lang/sv/lang.php
+++ b/modules/cms/lang/sv/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Sidan kunde ej hittas",
 'help' => "Den begärda sidan kunde ej hittas",
 ],
+ 'access_denied' => [
+ 'label' => "Nekat tillträde",
+ 'help' => "Du har inte behörighet att visa den här sidan.",
+ 'cms_link' => "Gå till CMS backend",
+ ],
 'custom_error' => [
 'label' => "Sidfel",
 'help' => "Tyvärr kan inte sidan visas",
diff --git a/modules/cms/lang/tr/lang.php b/modules/cms/lang/tr/lang.php
index a0b4eac09..2150a3929 100644
--- a/modules/cms/lang/tr/lang.php
+++ b/modules/cms/lang/tr/lang.php
@@ -27,6 +27,11 @@ return [
 'label' => "Sayfa bulunamadı",
 'help' => "İstenilen sayfa bulunamadı.",
 ],
+ 'access_denied' => [
+ 'label' => "Giriş engellendi",
+ 'help' => "Bu sayfayı görüntülemek için gerekli izinlere sahip değilsiniz.",
+ 'cms_link' => "CMS uç git",
+ ],
 'custom_error' => [
 'label' => "Sayfa hatası",
 'help' => "Üzgünüz, bir şeyler ters gitti ve sayfa görüntülenemiyor.",