silverstripe-cms icon indicating copy to clipboard operation
silverstripe-cms copied to clipboard
verified publisher icon silverstripe

When a user doesn't access CMS, it renders front-end page from CMS context

Open phalkunz opened this issue 7 years ago • 0 comments

When you log into the CMS with a user without any permission (e.g. doesn't belong to any group), the CMS tries to render the front-end page from the CMS context (CMSPagesController) to show the "Log in as someone else" form. This causes an error with front-end page that tries to get some property (i.e. URLSegment) from the (current) page controller.

It looks to me like if it redirects the user out of the CMS (e.g. Security/login) that would not be a problem.

Step to reproduce

  1. in Page.php:
...
function getURLSegment() 
{
	$urlSegment = Controller::curr()→record['URLSegment'];
	return $urlSegment;
}
...
  1. in Page.ss:
...
$URLSegment
...
  1. Log into the CMS with a user that doesn't any Page access permission.

phalkunz avatar Aug 13 '18 02:08 phalkunz