From 70bbade5e06dfa93ce600c6ed0c237fd63b47851 Mon Sep 17 00:00:00 2001
From: Ronald Quenta <ronald.otn@gmail.com>
Date: Mon, 7 Aug 2017 02:20:05 -0400
Subject: [PATCH] add new exception

---
 gulliver/system/class.rbac.php                |  6 +-
 workflow/engine/methods/mails/emailsAjax.php  | 11 ++--
 .../ProcessMaker/Exception/RBACException.php  | 59 +++++++++++++++++++
 workflow/public_html/app.php                  |  2 +
 4 files changed, 70 insertions(+), 8 deletions(-)
 create mode 100644 workflow/engine/src/ProcessMaker/Exception/RBACException.php

diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 64bed7f4a..e6fc8272a 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -25,6 +25,9 @@
  * Coral Gables, FL, 33134, USA, or email info@colosa.com.
  *
  */
+
+use ProcessMaker\Exception\RBACException;
+
 /**
  * File: $Id$
  *
@@ -1545,8 +1548,7 @@ class RBAC
         }
 
         if (!$access) {
-            G::header('Location: /errors/error403.php');
-            die();
+            throw new RBACException('ID_ACCESS_DENIED', 403);
         }
     }
 }
diff --git a/workflow/engine/methods/mails/emailsAjax.php b/workflow/engine/methods/mails/emailsAjax.php
index 31c1cc624..653fc24b2 100644
--- a/workflow/engine/methods/mails/emailsAjax.php
+++ b/workflow/engine/methods/mails/emailsAjax.php
@@ -1,4 +1,7 @@
 <?php
+
+use ProcessMaker\Exception\RBACException;
+
 $req = (isset($_POST['request']))? $_POST['request']:((isset($_REQUEST['request']))? $_REQUEST['request'] : 'No hayyy tal');
 
 require_once 'classes/model/Content.php';
@@ -10,14 +13,10 @@ require_once 'classes/model/Application.php';
 global $RBAC;
 switch ($RBAC->userCanAccess('PM_LOGIN')) {
     case -2:
-        G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
-        G::header('location: ../login/login');
-        die();
+        throw new RBACException('ID_USER_HAVENT_RIGHTS_SYSTEM', -2);
         break;
     case -1:
-        G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
-        G::header('location: ../login/login');
-        die();
+        throw new RBACException('ID_USER_HAVENT_RIGHTS_PAGE', -1);
         break;
 }
 $RBAC->allows(basename(__FILE__), $req);
diff --git a/workflow/engine/src/ProcessMaker/Exception/RBACException.php b/workflow/engine/src/ProcessMaker/Exception/RBACException.php
new file mode 100644
index 000000000..f10e881e4
--- /dev/null
+++ b/workflow/engine/src/ProcessMaker/Exception/RBACException.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace ProcessMaker\Exception;
+
+use G;
+
+/**
+ * Class PMException
+ * @package ProcessMaker\Exception
+ */
+class RBACException extends \Exception
+{
+    const PM_LOGIN = '../login/login';
+    const PM_403 = '/errors/error403.php';
+
+    /**
+     * RBACException constructor.
+     * @param string $message
+     * @param null $code
+     */
+    public function __construct($message, $code=NULL)
+    {
+        parent::__construct($message, $code);
+    }
+
+    /**
+     * Displays the entire exception as a string
+     * @return string
+     */
+    public function __toString()
+    {
+        switch ($this->getCode()) {
+            case -1:
+                G::SendTemporalMessage($this->getMessage(), 'error', 'labels');
+                $message = self::PM_LOGIN;
+                break;
+            case -2:
+                G::SendTemporalMessage($this->getMessage(), 'error', 'labels');
+                $message = self::PM_LOGIN;
+                break;
+            case 403:
+                $message = self::PM_403;
+                break;
+            default:
+                $message = self::PM_LOGIN;
+                break;
+        }
+        return $message;
+    }
+
+    /**
+     * Returns the path to which to redirect
+     * @return $this
+     */
+    public function getPath()
+    {
+        return $this;
+    }
+}
diff --git a/workflow/public_html/app.php b/workflow/public_html/app.php
index 7fe4195d1..0c8506882 100644
--- a/workflow/public_html/app.php
+++ b/workflow/public_html/app.php
@@ -53,6 +53,8 @@ try {
             break;
     }
 
+} catch (ProcessMaker\Exception\RBACException $e) {
+    G::header('location: ' . $e->getPath());
 } catch (Exception $e) {
     $view = new Maveriks\Pattern\Mvc\PhtmlView($rootDir . "framework/src/templates/Exception.phtml");
     $view->set("message", $e->getMessage());