Merge pull request #39 from MGatner/update-filters

Update filters, support silent operation, allow user config

src/Authentication/AuthenticationBase.php

@@ -49,6 +49,17 @@ public function error()
         return $this->error;
     }
 
+    /**
+     * Whether to continue instead of throwing exceptions,
+     * as defined in config.
+     *
+     * @return string
+     */
+    public function silent()
+    {
+        return $this->config->silent;
+    }
+
 
     /**
      * Logs a user into the system.

src/Config/Auth.php

@@ -53,6 +53,13 @@ class Auth extends BaseConfig
     //
     public $rememberLength = 30 * DAY;
 
+    //--------------------------------------------------------------------
+    // Error handling
+    //--------------------------------------------------------------------
+    // If true, will continue instead of throwing exceptions.
+    //
+    public $silent = false;
+
     //--------------------------------------------------------------------
     // PASSWORD HASHING COST
     //--------------------------------------------------------------------

src/Config/Services.php

@@ -17,8 +17,16 @@ public static function authentication(string $lib = 'local', Model $userModel=nu
         {
             return self::getSharedInstance('authentication', $lib, $userModel, $loginModel);
         }
-
-        $config = config(Auth::class);
+
+		// prioritizes user config in app/Config if found
+		if (class_exists('\Config\Auth'))
+		{
+			$config = config('Config\\Auth');
+		}
+		else
+		{
+			$config = config(Auth::class);
+		}
 
         $class = $config->authenticationLibs[$lib];
 

src/Filters/PermissionFilter.php

@@ -23,18 +23,32 @@ class PermissionFilter implements FilterInterface
      */
     public function before(RequestInterface $request, $params = null)
     {
+		if (empty($params))
+		{
+			return;
+		}
+
         $authenticate = Services::authentication();
-
-        if (! $authenticate->check() || empty($params))
+
+		// if no user is logged in then send to the login form
+        if (! $authenticate->check())
         {
-            return;
+            return redirect('login');
         }
 
         $authorize = Services::authorization();
 
         if (! $authorize->hasPermission($params, $authenticate->id()))
         {
-            throw new \RuntimeException('You do not have permission to view that page.');
+        	if ($authenticate->silent())
+        	{
+				$redirectURL = session('redirect_url') ?? '/';
+				unset($_SESSION['redirect_url']);
+				return redirect()->to($redirectURL)->with('error', lang('Auth.notEnoughPrivilege'));
+        	}
+        	else {
+        		throw new \RuntimeException(lang('Auth.notEnoughPrivilege'));
+        	}
         }
     }
 

src/Filters/RoleFilter.php

@@ -23,19 +23,32 @@ class RoleFilter implements FilterInterface
      */
     public function before(RequestInterface $request, $params = null)
     {
+		if (empty($params))
+		{
+			return;
+		}
+
         $authenticate = Services::authentication();
-
-        if (! $authenticate->check() || empty($params))
+
+		// if no user is logged in then send to the login form
+        if (! $authenticate->check())
         {
-            return;
+            return redirect('login');
         }
 
-        $user = $authenticate->user();
         $authorize = Services::authorization();
 
-        if (! $authorize->inGroup($params, $user->id))
+        if (! $authorize->inGroup($params, $authenticate->id()))
         {
-            throw new \RuntimeException('You do not have permission to view that page.');
+        	if ($authenticate->silent())
+        	{
+				$redirectURL = session('redirect_url') ?? '/';
+				unset($_SESSION['redirect_url']);
+				return redirect()->to($redirectURL)->with('error', lang('Auth.notEnoughPrivilege'));
+        	}
+        	else {
+        		throw new \RuntimeException(lang('Auth.notEnoughPrivilege'));
+        	}
         }
     }