Merge pull request #1009 from CakeDC/feature/addUnauthoritzedUrlInfla…

…shMessage add config option to include Unauthorized Url in returned Flash Message
CakeDC · Oct 27, 2023 · 0ddaba1 · 0ddaba1
2 parents 0de2fd0 + 9537acd
commit 0ddaba1
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 5 deletions.
diff --git a/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php b/src/Middleware/UnauthorizedHandler/DefaultRedirectHandler.php
@@ -17,6 +17,7 @@
 use Authorization\Exception\ForbiddenException;
 use Authorization\Exception\MissingIdentityException;
 use Authorization\Middleware\UnauthorizedHandler\CakeRedirectHandler;
+use Cake\Core\Configure;
 use Cake\Http\ServerRequest;
 use Cake\Http\Session;
 use Cake\Routing\Router;
@@ -60,6 +61,7 @@ public function handle(
         $response = parent::handle($exception, $request, $options);
         $session = $request->getAttribute('session');
         if ($session instanceof Session) {
+            $options['request'] = $request;
             $this->addFlashMessage($session, $options);
         }
 
@@ -117,11 +119,16 @@ protected function createFlashMessage($options): array
     {
         $message = (array)($options['flash'] ?? []);
 
+        $unauthorizedUrl = '';
+        if (Configure::read('debug')) {
+            $unauthorizedUrl = __d('cake_d_c/users', 'Location = ') . (string)$options['request']->getUri();
+        }
+
         return $message + [
-                'message' => __d('cake_d_c/users', 'You are not authorized to access that location.'),
-                'key' => 'flash',
-                'element' => 'flash/error',
-                'params' => [],
-            ];
+            'message' => __d('cake_d_c/users', 'You are not authorized to access that location.') . $unauthorizedUrl,
+            'key' => 'flash',
+            'element' => 'flash/error',
+            'params' => [],
+        ];
     }
 }
diff --git a/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php b/tests/TestCase/Controller/Traits/Integration/LoginTraitIntegrationTest.php
@@ -54,12 +54,24 @@ public function loginAsUserId($id)
      */
     public function testRedirectToLogin()
     {
+        Configure::write('debug', false);
         $this->enableRetainFlashMessages();
         $this->get('/pages/home');
+
         $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome');
         $this->assertFlashMessage('You are not authorized to access that location.');
     }
 
+    public function testRedirectToLoginDebug()
+    {
+        Configure::write('debug', true);
+        $this->enableRetainFlashMessages();
+        $this->get('/pages/home');
+
+        $this->assertRedirectContains('/login?redirect=%2Fpages%2Fhome');
+        $this->assertFlashMessage('You are not authorized to access that location.Location = http://localhost/pages/home');
+    }
+
     /**
      * Test login action with get request
      *