From 901f0bf608308ee1563106254c771a37332370c3 Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Tue, 24 Sep 2024 14:13:27 +0200 Subject: [PATCH 1/5] FIX Don't trigger init if already redirected Fixes https://github.com/silverstripe/silverstripe-admin/issues/1829 See issue for context --- code/ModelAdmin.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/code/ModelAdmin.php b/code/ModelAdmin.php index 228d8c293..cc7bf1575 100644 --- a/code/ModelAdmin.php +++ b/code/ModelAdmin.php @@ -147,6 +147,11 @@ protected function init() { parent::init(); + // Don't do anything if already redirected + if ($this->redirectedTo()) { + return; + } + $models = $this->getManagedModels(); $this->modelTab = $this->getRequest()->param('ModelClass'); From d89ccebde1be82a173a1aa253bce7a4be08f5d7d Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Wed, 25 Sep 2024 11:56:30 +0200 Subject: [PATCH 2/5] Keep default tab --- code/ModelAdmin.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/code/ModelAdmin.php b/code/ModelAdmin.php index cc7bf1575..4cc77859d 100644 --- a/code/ModelAdmin.php +++ b/code/ModelAdmin.php @@ -147,11 +147,6 @@ protected function init() { parent::init(); - // Don't do anything if already redirected - if ($this->redirectedTo()) { - return; - } - $models = $this->getManagedModels(); $this->modelTab = $this->getRequest()->param('ModelClass'); @@ -161,6 +156,11 @@ protected function init() $this->modelTab = key($models ?? []); } + // Don't do anything if already redirected + if ($this->redirectedTo()) { + return; + } + // security check for valid models if (!$this->isManagedModel($this->modelTab)) { // if it fails to match the string exactly, try reverse-engineering a classname From 8137907f064057bba0795c7e16036afb71e5dee3 Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Wed, 25 Sep 2024 12:12:16 +0200 Subject: [PATCH 3/5] use default tab if redirected --- code/ModelAdmin.php | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/code/ModelAdmin.php b/code/ModelAdmin.php index 4cc77859d..eb19ca842 100644 --- a/code/ModelAdmin.php +++ b/code/ModelAdmin.php @@ -150,27 +150,27 @@ protected function init() $models = $this->getManagedModels(); $this->modelTab = $this->getRequest()->param('ModelClass'); + // security check for valid models + if ($this->modelTab && !$this->isManagedModel($this->modelTab)) { + // No need to throw exceptions since we are already redirected + if ($this->redirectedTo()) { + $this->modelTab = null; + } else { + // if it fails to match the string exactly, try reverse-engineering a classname + $this->modelTab = $this->unsanitiseClassName($this->modelTab); + + if (!$this->isManagedModel($this->modelTab)) { + throw new \RuntimeException(sprintf('ModelAdmin::init(): Invalid Model class %s', $this->modelTab)); + } + } + } + // if we've hit the "landing" page if ($this->modelTab === null) { reset($models); $this->modelTab = key($models ?? []); } - // Don't do anything if already redirected - if ($this->redirectedTo()) { - return; - } - - // security check for valid models - if (!$this->isManagedModel($this->modelTab)) { - // if it fails to match the string exactly, try reverse-engineering a classname - $this->modelTab = $this->unsanitiseClassName($this->modelTab); - - if (!$this->isManagedModel($this->modelTab)) { - throw new \RuntimeException(sprintf('ModelAdmin::init(): Invalid Model class %s', $this->modelTab)); - } - } - $this->modelClass = isset($models[$this->modelTab]['dataClass']) ? $models[$this->modelTab]['dataClass'] : $this->modelTab; From 0bdc20ffc6e2774036af337ab54d821aa2c70699 Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Thu, 26 Sep 2024 08:57:11 +0200 Subject: [PATCH 4/5] Update code/ModelAdmin.php Co-authored-by: Guy Sartorelli <36352093+GuySartorelli@users.noreply.github.com> --- code/ModelAdmin.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/code/ModelAdmin.php b/code/ModelAdmin.php index eb19ca842..8f5f37a67 100644 --- a/code/ModelAdmin.php +++ b/code/ModelAdmin.php @@ -152,7 +152,8 @@ protected function init() // security check for valid models if ($this->modelTab && !$this->isManagedModel($this->modelTab)) { - // No need to throw exceptions since we are already redirected + // No need to check model tab since we are already redirected + // This happens when there's a permission failure in LeftAndMain if ($this->redirectedTo()) { $this->modelTab = null; } else { From 188e45e023507df03389c21124c49aedd2c5ff4d Mon Sep 17 00:00:00 2001 From: Thomas Portelange Date: Wed, 2 Oct 2024 09:21:59 +0200 Subject: [PATCH 5/5] add comment --- code/ModelAdmin.php | 1 + 1 file changed, 1 insertion(+) diff --git a/code/ModelAdmin.php b/code/ModelAdmin.php index 8f5f37a67..0ec07140a 100644 --- a/code/ModelAdmin.php +++ b/code/ModelAdmin.php @@ -155,6 +155,7 @@ protected function init() // No need to check model tab since we are already redirected // This happens when there's a permission failure in LeftAndMain if ($this->redirectedTo()) { + // reset so we use the "landing page" $this->modelTab = null; } else { // if it fails to match the string exactly, try reverse-engineering a classname