Using this example setup:
Page_Controller::$allowed_actions = array('index', 'tag');
class SubPage_Controller extends Page_Controller {
}
How can I ensure the action "date" isn't allowed on SubPage?
/my-subpage/date
I'm looking in RequestHandler::checkAccessAction() and it looks like - because SubPage_Controller doesn't explicitly define any allowed_actions, and because there's no method for this non-existent "date" action, that the date action is allowed.
Oddly, I can avoid that by declaring another unrelated allowed action, or by re-declaring the ones from the parent.
e.g.
SubPage_Controller::$allowed_actions = array('index');
or
SubPage_Controller::$allowed_action = array('apple');
This is a little confusing to me. Surely if an action isn't in $allowed_actions, it's not allowed? The inline comment is "Return true so that a template can handle this action", but my only response to that is "wtf".
Thanks in advance for any help or explanation.