[drupal-devel] [feature] Allow annoymous users to log in on access denied

Tue Jun 14 01:00:14 UTC 2005

Issue status update for http://drupal.org/node/24050

 Project:      Drupal
 Version:      cvs
 Component:    user system
 Category:     feature requests
 Priority:     normal
 Assigned to:  gordon
 Reported by:  gordon
 Updated by:   neofactor
 Status:       patch

Glad to see it...

I had always just added the following custom pages:
http://neofactor.com/error403 (with a login link)
http://neofactor.com/error404 (Adding the auto search)

My 403's are only for non-members and all members have the same access.
I use PHP to control groups differently for lots of different clients,
so this works out well form me.

The auto redirect function is nice.... keeping the user's initial
request in place.

hey.... When is Drupal going to add images to pages at core?  Visual
appeal.... It would be great if menu items and other areas started to
do this... then people could just swap them out.  Just a wish list.

;)

neofactor

Previous comments:
------------------------------------------------------------------------

June 1, 2005 - 00:51 : gordon

Attachment: http://drupal.org/files/issues/denied_login.diff (1.41 KB)

If the user is anonymous, then the user will be presented with the login
page 'user/login' instead of a the 403 default page. If the user then
logins in and has access to the page they will then get redirected to
the page they were trying to access. If the user is already logged in
then they will get the defined 403 page.

With the standard system you cannot just set user/login as the 403 page
as you will not be redirected to the page that you were originally
requesting, but instead to the user page.

------------------------------------------------------------------------

June 4, 2005 - 19:22 : gordon

Attachment: http://drupal.org/files/issues/denied_login2.patch (3.43 KB)

here is a newer version of the patch which adds an option to
admin/settings page so this functionality can be turned off and on.

------------------------------------------------------------------------

June 4, 2005 - 20:38 : moshe weitzman

I have been wanting this since i first saw drupal (i.e. a long time). +1

------------------------------------------------------------------------

June 5, 2005 - 05:29 : Dries

Because the 403 page is configurable, this is already possible.  This
patch only makes it more convenient.  I tempted to say: "Won't commit,
but let's extend the form description a bit so it is clear this is
possible.".  That or we add a link to the login page (without the extra
setting), cfr. to what the comment module does.

------------------------------------------------------------------------

June 5, 2005 - 07:06 : moshe weitzman

dries - upon executing the 403 handler, the original $_GET['q'] is lost.
That means that we cannot redirect to the destination  page after login
and thats one of the main benefits of this patch.

------------------------------------------------------------------------

June 5, 2005 - 07:40 : gordon

Yes you can use the user/login link, but once you login you get the user
page and not the page you were triing to get  to. Also if you are logged
in you will still get the user/login page when really you should get the
custom access denied page.

------------------------------------------------------------------------

June 5, 2005 - 15:57 : slower

What version of Drupal is this for? I'm using 4.5.

------------------------------------------------------------------------

June 5, 2005 - 18:47 : gordon

It is for cvs (4.7) I would have to rewrite it if I was to port it back
to 4.5

------------------------------------------------------------------------

June 13, 2005 - 18:49 : gordon

Dries, What is the verdict on this patch.

I have found no way of prompting anonymous users to login and continue
seemlessly without this patch. Please correct me if I am wrong, as this
is some functionality that I require.