diff options
Diffstat (limited to 'application/models')
-rw-r--r-- | application/models/muser.php | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/application/models/muser.php b/application/models/muser.php index ffcc5f6b3..fb8abad8b 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -160,14 +160,14 @@ class Muser extends CI_Model { $have = array_search($session_level, $this->access_levels); if ($wanted === false || $have === false) { - show_error("Failed to determine access level"); + throw new \exceptions\PublicApiException("api/invalid-accesslevel", "Failed to determine access level"); } if ($have >= $wanted) { - return true; + return; } - show_error("Access denied: Access level too low", 403); + throw new \exceptions\InsufficientPermissionsException("api/insufficient-permissions", "Access denied: Access level too low"); } function require_access($wanted_level = "full") @@ -184,17 +184,15 @@ class Muser extends CI_Model { return $this->check_access_level($wanted_level); } - if (!stateful_client()) { - show_error("Not authenticated. FileBin requires you to have an account, please go to the homepage for more information.\n", 401); + if (stateful_client()) { + // desktop clients get redirected to the login form + $this->require_session(); + if (!$this->session->userdata("flash:new:uri")) { + $this->session->set_flashdata("uri", $this->uri->uri_string()); + } } - // desktop clients get redirected to the login form - $this->require_session(); - if (!$this->session->userdata("flash:new:uri")) { - $this->session->set_flashdata("uri", $this->uri->uri_string()); - } - redirect('user/login'); - exit(); + throw new \exceptions\NotAuthenticatedException("api/not-authenticated", "Not authenticated. FileBin requires you to have an account, please go to the homepage for more information."); } function username_exists($username) |