From 9d4a4f49c9194af301a80fd91dc40ea0fe6dc05e Mon Sep 17 00:00:00 2001
From: Thomas Gelf <thomas@gelf.net>
Date: Tue, 19 Aug 2014 09:54:24 +0200
Subject: [PATCH] ActionController: JS should redirect to __SELF__...

...once you lost your session. That's the only way to do this in a
smooth way. When the server get's an unauthenticated request for a
single container, redirecting to auth/login?redir=<that-container>
was not what you expect.

Together with JS handling __SELF__ in redirection URLs this will
play fine.

refs #6935
---
 .../Web/Controller/ActionController.php       | 58 +++++++++++++------
 1 file changed, 39 insertions(+), 19 deletions(-)

diff --git a/library/Icinga/Web/Controller/ActionController.php b/library/Icinga/Web/Controller/ActionController.php
index 1c4111e4b..d8e340907 100644
--- a/library/Icinga/Web/Controller/ActionController.php
+++ b/library/Icinga/Web/Controller/ActionController.php
@@ -256,8 +256,20 @@ class ActionController extends Zend_Controller_Action
      */
     protected function redirectToLogin($afterLogin = '/dashboard')
     {
+        if (! $afterLogin instanceof Url) {
+            $afterLogin = Url::fromPath($afterLogin);
+        }
+        if ($this->isXhr()) {
+            $redir = '__SELF__';
+        } else {
+            // TODO: Ignore /?
+            $redir = $afterLogin->getRelativeUrl();
+        }
         $url = Url::fromPath('authentication/login');
-        $url->setParam('redirect', $afterLogin);
+        if ($redir) {
+            $url->setParam('redirect', $redir);
+        }
+
         $this->rerenderLayout()->redirectNow($url);
     }
 
@@ -273,6 +285,27 @@ class ActionController extends Zend_Controller_Action
         return $this->getRequest()->isXmlHttpRequest();
     }
 
+    protected function redirectXhr($url)
+    {
+        if (! $url instanceof Url) {
+            $url = Url::fromPath($url);
+        }
+
+        if ($this->rerenderLayout) {
+            $this->getResponse()->setHeader('X-Icinga-Rerender-Layout', 'yes');
+        }
+        if ($this->reloadCss) {
+            $this->getResponse()->setHeader('X-Icinga-Reload-Css', 'now');
+        }
+
+        $this->getResponse()
+            ->setHeader('X-Icinga-Redirect', rawurlencode($url->getAbsoluteUrl()))
+            ->sendHeaders();
+
+        // TODO: Session shutdown?
+        exit;
+    }
+
     /**
     *  Redirect to a specific url, updating the browsers URL field
     *
@@ -280,26 +313,13 @@ class ActionController extends Zend_Controller_Action
     **/
     public function redirectNow($url)
     {
-        if (! $url instanceof Url) {
-            $url = Url::fromPath($url);
-        }
-        $url = preg_replace('~&amp;~', '&', $url);
         if ($this->isXhr()) {
-            if ($this->rerenderLayout) {
-                $this->getResponse()->setHeader('X-Icinga-Rerender-Layout', 'yes');
-            }
-            if ($this->reloadCss) {
-                $this->getResponse()->setHeader('X-Icinga-Reload-Css', 'now');
-            }
-
-            $this->getResponse()
-                ->setHeader('X-Icinga-Redirect', rawurlencode($url))
-                ->sendHeaders();
-
-            // TODO: Session shutdown?
-            exit;
+            $this->redirectXhr($url);
         } else {
-            $this->_helper->Redirector->gotoUrlAndExit(Url::fromPath($url)->getRelativeUrl());
+            if (! $url instanceof Url) {
+                $url = Url::fromPath($url);
+            }
+            $this->_helper->Redirector->gotoUrlAndExit($url->getRelativeUrl());
         }
     }