Method getUser in AbstractController should not throw an 403 Exception

sulu / SuluCommunityBundle

Community features like Login, Registration, Password forget/reset for your sulu application.

MIT License

30 stars 39 forks source link

Method getUser in AbstractController should not throw an 403 Exception #123

Closed HadGS closed 4 years ago

HadGS commented 4 years ago

Q	A
Bug?	yes
New Feature?	no
Community Bundle Version	develop
Sulu Version	2.0.2

Actual Behavior

I override some community controllers and need to check if user is logged or not. But controller action getUser throw an 403 Exception if no user is logged.

Expected Behavior

Method getUser should not throw an Exception.

Possible Solutions

If no user is logged, method getUser should return null and exception should be thrown in calling method.

alexander-schranz commented 4 years ago

From security context I'm afraid of changing this behaviour at current state please go with override that method and catch the 403 exception.