silverstripe-cms
silverstripe-cms copied to clipboard
Published
20 hours ago •
silverstripe
silverstripe
When a user doesn't access CMS, it renders front-end page from CMS context
When you log into the CMS with a user without any permission (e.g. doesn't belong to any group), the CMS tries to render the front-end page from the CMS context (CMSPagesController) to show the "Log in as someone else" form. This causes an error with front-end page that tries to get some property (i.e. URLSegment) from the (current) page controller.
It looks to me like if it redirects the user out of the CMS (e.g. Security/login) that would not be a problem.
Step to reproduce
- in
Page.php:
...
function getURLSegment()
{
$urlSegment = Controller::curr()→record['URLSegment'];
return $urlSegment;
}
...
- in
Page.ss:
...
$URLSegment
...
- Log into the CMS with a user that doesn't any Page access permission.
