Changeset View
Changeset View
Standalone View
Standalone View
src/applications/auth/controller/PhabricatorLogoutController.php
| <?php | <?php | ||||
| final class PhabricatorLogoutController | final class PhabricatorLogoutController | ||||
| extends PhabricatorAuthController { | extends PhabricatorAuthController { | ||||
| public function shouldRequireLogin() { | public function shouldRequireLogin() { | ||||
| return true; | // See T13310. We allow access to the "Logout" controller even if you are | ||||
| // not logged in: otherwise, users who do not have access to any Spaces can | |||||
| // not log out. | |||||
| // When you try to access a controller which requires you be logged in, | |||||
| // and you do not have access to any Spaces, an access check fires first | |||||
| // and prevents access with a "No Access to Spaces" error. If this | |||||
| // controller requires users be logged in, users who are trying to log out | |||||
| // and also have no access to Spaces get the error instead of a logout | |||||
| // workflow and are trapped. | |||||
| // By permitting access to this controller even if you are not logged in, | |||||
| // we bypass the Spaces check and allow users who have no access to Spaces | |||||
| // to log out. | |||||
| // This incidentally allows users who are already logged out to access the | |||||
| // controller, but this is harmless: we just no-op these requests. | |||||
| return false; | |||||
| } | } | ||||
amckinleyUnsubmitted Inline Actions amckinley: wat | |||||
Haha, in retrospect this is fairly confusing -- let me take another shot at it. epriestley: Haha, in retrospect this is fairly confusing -- let me take another shot at it. | |||||
| public function shouldRequireEmailVerification() { | public function shouldRequireEmailVerification() { | ||||
| // Allow unverified users to logout. | // Allow unverified users to logout. | ||||
| return false; | return false; | ||||
| } | } | ||||
| public function shouldRequireEnabledUser() { | public function shouldRequireEnabledUser() { | ||||
| // Allow disabled users to logout. | // Allow disabled users to logout. | ||||
| ▲ Show 20 Lines • Show All 48 Lines • Show Last 20 Lines | |||||