Route Prefix Permissions

Sim

Sim

Well-known member
I wrote an addon which provides an integration point for my (multiple) forums with my helpdesk system - essentially a simply API I can call remotely and perform user lookups against a forum based on things like the email address that the helpdesk request came from.

The way I implemented this addon in XenForo was using a route prefix which called a public controller and then responded using a public view which returned the data as JSON.

Now this works perfectly for most of my sites - but I have one private site I run for a client of mine, and the permissions on that site are such that unregistered users are explicitly denied access to pretty much everything.

So now I get permission errors when trying to access my route prefix for my private site.

What permissions would be required for an unregistered user to access the site via my route prefix? "View"?

Is there a way to bypass the permissions on a single route?
 
You would do this at the Controller level (not the route level).

The Abstract public controller asserts viewing permissions in this way:
PHP: 
    protected function _assertViewingPermissions($action)
    {
        if (!XenForo_Visitor::getInstance()->hasPermission('general', 'view'))
        {
            throw $this->getNoPermissionResponseException();
        }
    }

What you would need to do is add that function to your own Controller and change it to something like:

PHP: 
    protected function _assertViewingPermissions($action)
    {
        if ($action == 'your-action')
        {
            return;
        }

        parent::_assertViewingPermissions($action);
    }

That would override the default behaviour in your controller so that actionYourAction does not do the normal permission check.

You can make it so that your controller completely bypasses the permission check for all actions in your controller (use with caution!) like this:

PHP: 
    protected function _assertViewingPermissions($action)
    {

    }
 
You must log in or register to reply here.

Similar threads

CStrategies
XF 2.2 Help routing to XFCP extension
Replies
2
Views
218
Jeremy P
Jeremy P
S
  • Question Question
XF 2.1 Why custom route prefix is getting deleted
Replies
0
Views
124
sajal
S
FoxSecrets
XF 2.2 How to edit info in the same page
Replies
1
Views
224
FoxSecrets
FoxSecrets
FoxSecrets
XF 2.2 How to correctly link to an "Add New Item" page
Replies
8
Views
530
FoxSecrets
FoxSecrets
E
  • Question Question
XF 2.2 How to make all registered users reply like unregistered w/ reply permissions?
Replies
10
Views
350
EchoRomeo
E
Top Bottom