return 403 for non public reports

author: Struan Donald <struan@exo.org.uk> 2012-08-31 10:48:14 +0100
committer: Struan Donald <struan@exo.org.uk> 2012-08-31 13:01:08 +0100
commit: 1567ec21cf085c87b5e92d5755e8cccaec4e656d (patch)
tree: a58933ec260c53e450e6182eacb11eb65580f835 /perllib/FixMyStreet/App/Controller
parent: 12e567387969c3d13d0519de353d65df8072417c (diff)
2 files changed, 12 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm
index d36ba32fe..9405ec48c 100644
--- a/perllib/FixMyStreet/App/Controller/Report.pm
+++ b/perllib/FixMyStreet/App/Controller/Report.pm
@@ -74,6 +74,11 @@ sub load_problem_or_display_error : Private {
             '/page_error_410_gone',
             [ _('That report has been removed from FixMyStreet.') ]    #
         );
+    } elsif ( $problem->non_public ) {
+        $c->detach(
+            '/page_error_403_access_denied',
+            [ _('That report cannot be viewed on FixMyStreet.') ]    #
+        );
     }
 
     $c->stash->{problem} = $problem;
diff --git a/perllib/FixMyStreet/App/Controller/Root.pm b/perllib/FixMyStreet/App/Controller/Root.pm
index 7f7d7f5fd..769a147bf 100644
--- a/perllib/FixMyStreet/App/Controller/Root.pm
+++ b/perllib/FixMyStreet/App/Controller/Root.pm
@@ -94,6 +94,13 @@ sub page_error_410_gone : Private {
     $c->response->status(410);
 }
 
+sub page_error_403_access_denied : Private {
+    my ( $self, $c, $error_msg ) = @_;
+    $c->stash->{template}  = 'index.html';
+    $c->stash->{error} = $error_msg;
+    $c->response->status(403);
+}
+
 =head2 end
 
 Attempt to render a view, if needed.
author	Struan Donald <struan@exo.org.uk>	2012-08-31 10:48:14 +0100
committer	Struan Donald <struan@exo.org.uk>	2012-08-31 13:01:08 +0100
commit	1567ec21cf085c87b5e92d5755e8cccaec4e656d (patch)
tree	a58933ec260c53e450e6182eacb11eb65580f835 /perllib/FixMyStreet/App/Controller
parent	12e567387969c3d13d0519de353d65df8072417c (diff)