diff --git a/app/controllers/api/oauth2/authorize.php b/app/controllers/api/oauth2/authorize.php
index 6387937dd2986676ba2761939eb6af928f19224d..fe336826afe5f7d4ce81e85cef548f4d7cf51895 100644
--- a/app/controllers/api/oauth2/authorize.php
+++ b/app/controllers/api/oauth2/authorize.php
@@ -24,7 +24,9 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
 $method = $this->getMethod();
 if (Request::submitted('auth_token')) {
- $GLOBALS['auth']->login_if('nobody' === $GLOBALS['user']->id);
+ if ('nobody' === $GLOBALS['user']->id) {
+ throw new LoginException();
+ }
 CSRFProtection::verifyUnsafeRequest();
 switch ($method) {
@@ -59,7 +61,9 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
 return;
 } else {
- $GLOBALS['auth']->login_if('nobody' === $GLOBALS['user']->id);
+ if ('nobody' === $GLOBALS['user']->id) {
+ throw new LoginException();
+ }
 }
 $this->client = $client;
diff --git a/app/controllers/course/forum/index.php b/app/controllers/course/forum/index.php
index 9be214ea3a8f95adbcf68132a40cb19007ddfd17..6eafcd5b8556a3d7ba13bfeab3c9f93b0b8cc310 100644
--- a/app/controllers/course/forum/index.php
+++ b/app/controllers/course/forum/index.php
@@ -832,7 +832,7 @@ class Course_Forum_IndexController extends ForumController
 public function rescue($exception)
 {
 if ($exception instanceof AccessDeniedException) {
- $GLOBALS['auth']->login_if($GLOBALS['user']->id === 'nobody');
+ throw new LoginException();
 }
 return parent::rescue($exception);
diff --git a/app/controllers/course/ilias_interface.php b/app/controllers/course/ilias_interface.php
index 4f453972ca7ee00915d2104037083aee016b70f1..492ae80cc481b1632779bf2eaab860c4d07215b3 100644
--- a/app/controllers/course/ilias_interface.php
+++ b/app/controllers/course/ilias_interface.php
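Review bot: The anonymous-user guard in both hunks of authorize.php tests `'nobody' === $GLOBALS['user']->id`, while the same commit switches Context.php and new_password.php to `User::findCurrent()`; the two spellings are presumably equivalent, but one helper (or at least `if (!User::findCurrent()) { throw new LoginException(); }` in both places) keeps a single definition of "not logged in" on the OAuth2 entry point. The LoginException branch added in lib/functions.php stores `Request::url()` and replays it after login, which recovers a GET authorize request with its query string intact; if the `auth_token` branch is reached via a POSTed form, that form data is not replayed, so a short comment saying that is accepted would help. The authorize action's body begins and ends outside these hunks.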
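Review bot: The new `throw new LoginException();` in rescue() fires for every AccessDeniedException, but the line it replaces only forced a login when `$GLOBALS['user']->id === 'nobody'`; a logged-in user without forum access is now sent to the login page instead of reaching `parent::rescue($exception)`, and if the login page bounces an authenticated user straight back to `redirect_after_login` (as the stored URL suggests) that is a redirect loop rather than a 403. Keep the original condition: `if ($GLOBALS['user']->id === 'nobody') {` / `throw new LoginException();` / `}` and let other cases fall through to `parent::rescue`. The closing brace of rescue() lies outside the hunk.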
@@ -47,7 +47,7 @@ class Course_IliasInterfaceController extends AuthenticatedController
 $this->seminar_id = Context::getId();
 $this->edit_permission = $GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id);
 $this->author_permission = false;
- $this->change_course_permission = $GLOBALS['auth']->auth["perm"] == "root" || ($GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id) && !empty($this->ilias_interface_config['allow_change_course']));
+ $this->change_course_permission = $GLOBALS['perm']->have_perm('root') || ($GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id) && !empty($this->ilias_interface_config['allow_change_course']));
 $this->add_own_course_permission = $GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id) && !empty($this->ilias_interface_config['allow_add_own_course']);
 $this->course_permission = $GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id);
diff --git a/app/controllers/new_password.php b/app/controllers/new_password.php
index 956bc5cd6d647a50991ea4e2a60c371c65c96c5b..baa9e622874d5a4d55ba0fc04ae1dfa80c3192aa 100644
--- a/app/controllers/new_password.php
+++ b/app/controllers/new_password.php
@@ -19,7 +19,7 @@ class NewPasswordController extends StudipController
 return;
 }
- if ($GLOBALS['auth'] && $GLOBALS['auth']->auth["uid"] != "nobody") {
+ if (User::findCurrent()) {
 PageLayout::postError(_("Sie können kein neues Passwort anfordern, wenn Sie bereits eingeloggt sind."));
 $this->redirect('start');
 return;
diff --git a/app/controllers/news.php b/app/controllers/news.php
index 4b9eb60754fc350deb4e089cd9233bae1d898f28..29472c273495bf532a23c69e11043bf107ad9103 100644
--- a/app/controllers/news.php
+++ b/app/controllers/news.php
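Review bot: The changed line still calls `$GLOBALS['perm']->have_studip_perm('tutor', $this->seminar_id)` although that exact result was assigned to `$this->edit_permission` two lines earlier, and the same call is repeated on the two lines below; the right-hand side could read `$GLOBALS['perm']->have_perm('root') || ($this->edit_permission && !empty($this->ilias_interface_config['allow_change_course']))`, which also drops one of four identical lookups per request. Replacing the string comparison on `auth["perm"]` with `have_perm('root')` is presumably equivalent only because 'root' is the highest global permission level, so a comment such as `// root, or a tutor when the interface config allows changing the course` would save the next reader that check. The enclosing method starts and ends outside the hunk.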
@@ -436,9 +436,6 @@ class NewsController extends StudipController
 public function admin_news_action($area_type = '')
 {
 // check permission
- if (!$GLOBALS['auth']->is_authenticated() || $GLOBALS['user']->id === 'nobody') {
- throw new AccessDeniedException();
- }
 $GLOBALS['perm']->check('user');
 // initialize
diff --git a/lib/classes/Context.php b/lib/classes/Context.php
index e7b2e0146abb5440895f27525a403e6173ac7c48..1bc26239b89b1d507693a90358b7612e6b91c53e 100644
--- a/lib/classes/Context.php
+++ b/lib/classes/Context.php
@@ -200,11 +200,11 @@ class Context
 *
 * @param string $id
 *
- * @throws AccessDeniedException
+ * @throws AccessDeniedException|LoginException
 */
 public static function set($id)
 {
- global $perm, $auth;
+ global $perm;
 self::close();
 self::loadContext($id);
@@ -226,7 +226,9 @@ class Context
 if (!$perm->get_studip_perm($course['Seminar_id'])) {
 if ($course['lesezugriff'] > 0 || !Config::get()->ENABLE_FREE_ACCESS) {
 // redirect to login page if user is not logged in
- $auth->login_if($auth->auth['uid'] === 'nobody');
+ if (!User::findCurrent()) {
+ throw new LoginException();
+ }
 if (!$perm->get_studip_perm($course['Seminar_id'])) {
 throw new AccessDeniedException();
@@ -257,7 +259,9 @@ class Context
 && !$perm->have_perm('user');
 if ($no_access) {
 // redirect to login page if user is not logged in
- $auth->login_if($auth->auth['uid'] === 'nobody');
+ if (!User::findCurrent()) {
+ throw new LoginException();
+ }
 if (!$perm->have_perm('user')) {
 throw new AccessDeniedException();
diff --git a/lib/functions.php b/lib/functions.php
index 29264fbf0ba705fdb34536b098a13ac1165fd1ac..d03c266e5080224338c7b5aebf42a5a2f329c550 100644
--- a/lib/functions.php
+++ b/lib/functions.php
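Review bot: Anonymous callers of admin_news_action are now rejected solely by `$GLOBALS['perm']->check('user');`, which presumably throws AccessDeniedException for the 'nobody' user, whereas the rest of this commit turns that case into a LoginException so the visitor lands on the login page; if a plain 403 is intended here, say so in the surviving `// check permission` comment, otherwise add `if (!User::findCurrent()) { throw new LoginException(); }` ahead of the check as Context.php does. The method body continues past the hunk.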
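Review bot: The comment `// redirect to login page if user is not logged in` kept in both the @@ -226 and @@ -257 hunks of Context.php no longer describes the code beneath it, which now throws LoginException and leaves the redirect to whoever catches it (SeminarOpenMiddleware in this commit, otherwise studip_default_exception_handler). Reword it in both places to `// not logged in: throw LoginException; the caller or the default exception handler redirects to the login page` so nobody expects Context::set() to end the request itself. The updated `@throws AccessDeniedException|LoginException` tag states the new contract, but every other caller of Context::set() now has to expect that exception, which is outside what this diff shows. Both guarded blocks close outside their hunks.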
@@ -1123,7 +1123,10 @@ function studip_default_exception_handler($exception) {
 $status = 403;
 $template = 'check_object_exception';
 } elseif ($exception instanceof LoginException) {
-
+ $_SESSION['redirect_after_login'] = Request::url();
+ sess()->save();
+ header('Location: ' . URLHelper::getScriptURL('dispatch.php/login'));
+ exit;
 } else {
 if ($exception instanceOf Trails\Exception) {
 $status = $exception->getCode();
diff --git a/lib/middleware/SeminarOpenMiddleware.php b/lib/middleware/SeminarOpenMiddleware.php
index 20d7f9e1f75c41ae48d248f4e47abce12d5ae54f..13c4f5f30d817fd3609bdebd446c8d98f092a7ef 100644
--- a/lib/middleware/SeminarOpenMiddleware.php
+++ b/lib/middleware/SeminarOpenMiddleware.php
@@ -154,7 +154,13 @@ final class SeminarOpenMiddleware implements MiddlewareInterface
 // This also binds Context::getId()
 // to the URL parameter 'cid' for all generated links.
 if (isset($course_id)) {
- \Context::set($course_id);
+ try {
+ \Context::set($course_id);
+ } catch (\LoginException $e) {
+ $response = $this->response_factory->createResponse(302);
+ $_SESSION['redirect_after_login'] = \Request::url();
+ return $response->withHeader('Location', \URLHelper::getURL('dispatch.php/login'));
+ }
 unset($course_id);
 }
diff --git a/lib/showNews.inc.php b/lib/showNews.inc.php
index 1a52d630b3b4d0625f23b0c3125dcef9aeec714e..a63529ae4b8a5b2a249eb0a367b5d73d066f7f7e 100644
--- a/lib/showNews.inc.php
+++ b/lib/showNews.inc.php
@@ -56,7 +56,7 @@ function delete_news($delete_news_array)
 _('Ankündigung "%s" wurde gelöscht.'),
 htmlReady((string) $delete_news->topic)
 ));
- if ($delete_news->getValue('user_id') != $GLOBALS['auth']->auth['uid']) {
+ if ($delete_news->getValue('user_id') !== $GLOBALS['user']->id) {
 setTempLanguage($delete_news->getValue('user_id'));
 $msg = sprintf(
 _('Ihre Ankündigung "%s" wurde von der Administration gelöscht!.'),
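Review bot: `header('Location: ...')` followed by `exit;` has no `headers_sent()` guard, and this is the last-resort exception handler, so a LoginException raised after any output has started produces a blank page with no login prompt (PHP discards the header with a warning); wrap it as `if (!headers_sent()) { header('Location: ' . URLHelper::getScriptURL('dispatch.php/login')); exit; }` and otherwise fall through to the template rendering the other branches use. `Request::url()` is stored verbatim, so a request that was a POST returns as a GET after login with its form data gone — acceptable, but a one-line comment on the assignment would make that explicit. The handler's remaining branches continue past the hunk.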
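Review bot: The catch block in SeminarOpenMiddleware and the LoginException branch in lib/functions.php implement the same redirect in two slightly different ways — `\URLHelper::getURL(...)` here versus `URLHelper::getScriptURL(...)` there, and no `sess()->save()` here (probably fine because the response is returned normally rather than via `exit`, but the asymmetry should be deliberate); one shared helper, for example a static `LoginException::redirectUrl()` used by both, would keep the session key and target from drifting. If this middleware also runs in front of XHR or JSON routes, a 302 to the HTML login page is the wrong signal for those clients, which expect a 401 — hedged, since the routing is outside the diff. `$e` is unused, so `catch (\LoginException)` without the variable is cleaner if the project targets PHP 8.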