Changed as per the recommandation of Sir Odo
This commit is contained in:
parent
9b0d8c0503
commit
624f256f61
|
@ -71,17 +71,23 @@ class ir_http(osv.AbstractModel):
|
|||
request.uid = request.session.uid
|
||||
|
||||
def _authenticate(self, auth_method='user'):
|
||||
if request.session.uid:
|
||||
try:
|
||||
request.session.check_security()
|
||||
# what if error in security.check()
|
||||
# -> res_users.check()
|
||||
# -> res_users.check_credentials()
|
||||
except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
|
||||
# All other exceptions mean undetermined status (e.g. connection pool full),
|
||||
# let them bubble up
|
||||
request.session.logout()
|
||||
getattr(self, "_auth_method_%s" % auth_method)()
|
||||
try:
|
||||
if request.session.uid:
|
||||
try:
|
||||
request.session.check_security()
|
||||
# what if error in security.check()
|
||||
# -> res_users.check()
|
||||
# -> res_users.check_credentials()
|
||||
except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
|
||||
# All other exceptions mean undetermined status (e.g. connection pool full),
|
||||
# let them bubble up
|
||||
request.session.logout()
|
||||
getattr(self, "_auth_method_%s" % auth_method)()
|
||||
except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
|
||||
raise
|
||||
except Exception:
|
||||
_logger.exception("Exception during request Authentication.")
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
return auth_method
|
||||
|
||||
def _handle_exception(self, exception):
|
||||
|
@ -99,11 +105,6 @@ class ir_http(osv.AbstractModel):
|
|||
try:
|
||||
auth_method = self._authenticate(func.routing["auth"])
|
||||
except Exception, e:
|
||||
# Json requests have their own exception handler
|
||||
# therefore we should not alter their exception's type
|
||||
if func.routing.get('type') != 'json':
|
||||
# for the rest, convert to a Forbidden exception keeping the original traceback
|
||||
e = convert_exception_to(werkzeug.exceptions.Forbidden)
|
||||
return self._handle_exception(e)
|
||||
|
||||
processing = self._postprocess_args(arguments)
|
||||
|
|
|
@ -208,8 +208,6 @@ class WebRequest(object):
|
|||
to abitrary responses. Anything returned (except None) will
|
||||
be used as response."""
|
||||
self._failed = exception # prevent tx commit
|
||||
if isinstance(exception, werkzeug.exceptions.HTTPException):
|
||||
return exception
|
||||
raise
|
||||
|
||||
def _call_function(self, *args, **kwargs):
|
||||
|
@ -456,6 +454,17 @@ class HttpRequest(WebRequest):
|
|||
params.pop('session_id', None)
|
||||
self.params = params
|
||||
|
||||
def _handle_exception(self, exception):
|
||||
"""Called within an except block to allow converting exceptions
|
||||
to abitrary responses. Anything returned (except None) will
|
||||
be used as response."""
|
||||
try:
|
||||
return super(HttpRequest, self)._handle_exception(exception)
|
||||
except Exception, e:
|
||||
if isinstance(e, werkzeug.exceptions.HTTPException):
|
||||
return e
|
||||
raise
|
||||
|
||||
def dispatch(self):
|
||||
# TODO: refactor this correctly. This is a quick fix for pos demo.
|
||||
if request.httprequest.method == 'OPTIONS' and request.func and request.func.routing.get('cors'):
|
||||
|
|
Loading…
Reference in New Issue