Seth,
Can you wrap your code in a try / catch and basically handle the exception in there? This came up on IRC a few weeks ago, and surprised me a bit too...
The try / catch should prevent the plugin from crashing, and you can decide what to do there... route to error, or maybe log and deny to be safe..
Just a thought
Seth Atkins wrote:
Exception handling with controller plugins I'm curious if anyone has a workaround for this issue. I'm using ACLs within a controller plugin, and this is important to my design since I want the ACLs to be checked prior to actual dispatch…that way I can essentially redirect based on permissions to other module/controller/action by simply modifying the request object. I'd like to keep this basic design, but I've found a fairly significant limitation. If the plugin encounters any kind of exception, the plugin execution is halted and then the app continues on….which ultimately means that the controller/action is also processed and rendered. The significance of this problem is that if the exception occurs prior to the "isAllowed" method of the ACL, then the permissions are NEVER checked.
Exception handling not being my strongest area in PHP, I believe this is because each controller plugin is called in turn from within a try/catch statement in the plugin broker. So I don't immediately see the solution to this problem. What I want is for the plugin to continue execution even if an exception is encountered so that the $acl->isAllowed() method can be called resulting in allow/deny actions to be taken.
With the current behavior, what I've discovered can happen is that I have an admin area, and an ACL governs access. If someone tried to access the admin area and if an exception was encountered during ACL creation, the admin page renders whether or not they actually have access followed by the exception message below the rendered page. This is not good!!
Seth
没有评论:
发表评论