Redirect to previous page after permissions check login
Permalink 1 user found helpful
Hi all,
EDIT: This thread is proof of me overlooking something in my code - for an example of how to forward to a page after triggering a login goto the bottom and skip the middle. Thanks again anchoredbutterfly.
I've found information on how to redirect from login page using the forward method. Which has been helpful but my problem is a little more obscure and I can't find any info to help me get into it.
Basic scenario: a page is only viewable to Registered Users - a guest is given a link to this page - clicks it and is sent to login. This is great - except after a successful login I'd like to redirect the guest to the original page they were looking for.
I know this requires adding '/forward/[pageCID]' to the login page url - but I don't know where / how to implement this in the stack between when a guest is denied permision and redirected to login.
Any leads are appreciated. Thanks.
EDIT: This thread is proof of me overlooking something in my code - for an example of how to forward to a page after triggering a login goto the bottom and skip the middle. Thanks again anchoredbutterfly.
I've found information on how to redirect from login page using the forward method. Which has been helpful but my problem is a little more obscure and I can't find any info to help me get into it.
Basic scenario: a page is only viewable to Registered Users - a guest is given a link to this page - clicks it and is sent to login. This is great - except after a successful login I'd like to redirect the guest to the original page they were looking for.
I know this requires adding '/forward/[pageCID]' to the login page url - but I don't know where / how to implement this in the stack between when a guest is denied permision and redirected to login.
Any leads are appreciated. Thanks.
You can set this if you use the free add-on from the marketplace - Login Block. It has the option to return the user to the previous page when login is complete.
Thanks for the response. I took a look at the controller and view for the block and see what its doing. But I don't think it's going to work for me.
Basically what I am trying to achieve is:
1. Guest user tries to access PageA which only registered users can view.
2. Permissions check occurs somewhere and forwards guest to login page.
3. Guest logs in to site.
4. Guest is redirected to PageA
at step 2 I need to integrate something along the lines of an rcid - like the login block implements or add the /forward/[cid] to the url on the login page.
I've been through the code and can't find where the redirect to login on permission fail is happening. Any thoughts?
G
Basically what I am trying to achieve is:
1. Guest user tries to access PageA which only registered users can view.
2. Permissions check occurs somewhere and forwards guest to login page.
3. Guest logs in to site.
4. Guest is redirected to PageA
at step 2 I need to integrate something along the lines of an rcid - like the login block implements or add the /forward/[cid] to the url on the login page.
I've been through the code and can't find where the redirect to login on permission fail is happening. Any thoughts?
G
I'm not sure what it is that you need then. I have similar restricted pages on two of my sites, both set up with just the login block, and page permissions.. no coding added.
Yes I looked through the block and it is handy for certain - it just won't do quite what I need. I'm fairly certain I know how to fix the problem - I just can't find the right place to make the fix.
Thanks for you help. Have a good one.
Thanks for you help. Have a good one.
Okie Dokie. Let us know if you find what you're after, might come in handy for the future :)
Good luck!
Good luck!
anchoredbutterfly I am an idiot.
I just found the solution - the problem is in my own code. I had several page types where I do a specific permission check manually. I had completely forgotten and was trying to figure out why the forbidden_page handler wasn't doing what it should. I took it back to square one and thought the whole context of the problem through again and realized where my oversight had been - it will be a simple fix now:
The System does do exactly what I want it to - trying to access a forbidden page prompts a login which forwards back to that page if login successful.
Sorry to have wasted your time. Thank you for trying to help - what I got wrong, there is no cure for. : )
G
I just found the solution - the problem is in my own code. I had several page types where I do a specific permission check manually. I had completely forgotten and was trying to figure out why the forbidden_page handler wasn't doing what it should. I took it back to square one and thought the whole context of the problem through again and realized where my oversight had been - it will be a simple fix now:
The System does do exactly what I want it to - trying to access a forbidden page prompts a login which forwards back to that page if login successful.
Sorry to have wasted your time. Thank you for trying to help - what I got wrong, there is no cure for. : )
G
You're no idiot if you figured it out. Nor are you an idiot for asking. The only stupid question is the one not asked :)
Glad you found your fix. I may use it as well, if that's OK with you.
Cheers!
Glad you found your fix. I may use it as well, if that's OK with you.
Cheers!
Go for it.
I fully subscribe to the no stupid question policy. But I also find admitting and laughing about my stupid mistakes to be a good way to manage them.
have a great weekend and thanks again!
g
I fully subscribe to the no stupid question policy. But I also find admitting and laughing about my stupid mistakes to be a good way to manage them.
have a great weekend and thanks again!
g
Thanks!
Have a lovely weekend, too :)
Have a lovely weekend, too :)
Glad you encountered this mistake! It's not stupid at all. It helped me as well get a better idea. I am also trying to do the same thing.
My problem is I have 2 types of registration page:
1. core registration page
2. registration page specific to a group
Scenario:
When a guest tries to access a newsletter and is not part of the newsletter group (which has permission to read the newsletter page) the guest is redirected to 'newsletter' registration (No. 2).
I think what you have here is what I am looking for.
1. Care to share what you have done there?
2. What file specifically did you modify?
3. How do you get the groups that are permitted to see a page?
Thanks
My problem is I have 2 types of registration page:
1. core registration page
2. registration page specific to a group
Scenario:
When a guest tries to access a newsletter and is not part of the newsletter group (which has permission to read the newsletter page) the guest is redirected to 'newsletter' registration (No. 2).
I think what you have here is what I am looking for.
1. Care to share what you have done there?
2. What file specifically did you modify?
3. How do you get the groups that are permitted to see a page?
Thanks
Hey Janx (gonna go with that if its all right with you)
OK - I think I get what you're looking for. I assume you create the newsletter page and then assign a group to the newsletter. You can use the C5 Permissions model to determine if the user is allowed or not.
So to answer your first question here's how I'd go about doing what you are going for (or at least what I'd try first):
You should do this in the controller for the newsletter page (either as a Single Page or Page Type Controller in the on_start() method so as to minimize what is loaded for the newsletter page before redirecting to the login page.
I was using the built in login/registration pages. You must have a second login / registration setup for getting into the newsletter groups so you will need to handle the forwarding in the controllers for those pages. If it were me I'd try starting with a copy of the login and registration controllers and single pages and try to make those bend to your needs (leveraging the existing code for forwarding etc.). If that doesn't work for you then my recourse would be to figure out how they do it in the core login/reg and implement as needed in your custom login/reg.
As for the third question - I looked through the docs online and dove into the Permissions class- there is no out of the box method that I can see that delivers the groups for a given page - you'd have to write that yourself using a db query - you can get some idea of the query structure required by looking at the CollectionPermissions::setGroupAccess() method which is found in concrete/models/permissions.php. At first glance it looks like you want to look at the PagePermissions table to get started.
Hope this helps. Cheers,
g
OK - I think I get what you're looking for. I assume you create the newsletter page and then assign a group to the newsletter. You can use the C5 Permissions model to determine if the user is allowed or not.
So to answer your first question here's how I'd go about doing what you are going for (or at least what I'd try first):
$page = Page::getCurrentPage(); // the user's access to the page is determined in: $cp = new Permissions($page); if (!$cp->canRead()) { // if false then user not in the correct group, or does not otherwise have access so forward them to the newsletter login $url = View::url('[path to newsletter login / registration page]','forward',$page->getCollectionID()); header("Location: $url"); exit; }
You should do this in the controller for the newsletter page (either as a Single Page or Page Type Controller in the on_start() method so as to minimize what is loaded for the newsletter page before redirecting to the login page.
I was using the built in login/registration pages. You must have a second login / registration setup for getting into the newsletter groups so you will need to handle the forwarding in the controllers for those pages. If it were me I'd try starting with a copy of the login and registration controllers and single pages and try to make those bend to your needs (leveraging the existing code for forwarding etc.). If that doesn't work for you then my recourse would be to figure out how they do it in the core login/reg and implement as needed in your custom login/reg.
As for the third question - I looked through the docs online and dove into the Permissions class- there is no out of the box method that I can see that delivers the groups for a given page - you'd have to write that yourself using a db query - you can get some idea of the query structure required by looking at the CollectionPermissions::setGroupAccess() method which is found in concrete/models/permissions.php. At first glance it looks like you want to look at the PagePermissions table to get started.
Hope this helps. Cheers,
g
Gerr