use unauthorized function, don't print anything to use

Author: simonLeary42

.pre-commit-config.yaml

@@ -48,11 +48,9 @@ repos:
         language: system
         files: \.php$
         args: [-l]
-  - repo: local
-    hooks:
       - id: assert-no-die-exit
         name: Assert no die()/exit()
         entry: ./test/assert-no-die-exit.bash
         language: system
         files: \.php$
-        exclude: \./resources/lib/UnitySite.php$
+        exclude: resources/lib/UnitySite\.php$

resources/lib/UnitySite.php

@@ -50,7 +50,14 @@ public static function badRequest($message)
     {
         self::headerResponseCode(400);
         self::errorLog("bad request", $message);
-        self::die($message);
+        self::die();
+    }
+
+    public static function unauthorized($message)
+    {
+        self::headerResponseCode(401);
+        self::errorLog("unauthorized", $message);
+        self::die();
     }
 
     public static function removeTrailingWhitespace($arr)

webroot/admin/ajax/get_group_members.php

@@ -6,7 +6,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if (!isset($_GET["pi_uid"])) {

webroot/admin/ajax/get_page_contents.php

@@ -5,7 +5,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if (!isset($_GET["pageid"])) {

webroot/admin/content.php

@@ -5,7 +5,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/admin/notices.php

@@ -5,7 +5,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/admin/pi-mgmt.php

@@ -7,7 +7,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/admin/user-mgmt.php

@@ -5,7 +5,7 @@
 use UnityWebPortal\lib\UnitySite;
 
 if (!$USER->isAdmin()) {
-    UnitySite::die();
+    UnitySite::unauthorized("not an admin");
 }
 
 if ($_SERVER["REQUEST_METHOD"] == "POST") {

webroot/panel/ajax/get_group_members.php

@@ -21,7 +21,7 @@
 }
 
 if ($found) {
-    UnitySite::die("not a group member");
+    UnitySite::unauthorized("not a group member");
 }
 
 $count = count($members);

webroot/panel/modal/pi_search.php

@@ -7,7 +7,7 @@
 $search_query = $_GET["search"];  // Search is passed as a get var
 if (empty($search_query)) {
     echo "<span>No Results</span>";
-    UnitySite::die("no results");
+    UnitySite::die();
 }
 
 $assocs = $LDAP->getAllPIGroups($SQL, $MAILER, $REDIS, $WEBHOOK);