Changed as per the recommandation of Sir Odo
This commit is contained in:
parent
9b0d8c0503
commit
624f256f61
|
@ -71,6 +71,7 @@ class ir_http(osv.AbstractModel):
|
||||||
request.uid = request.session.uid
|
request.uid = request.session.uid
|
||||||
|
|
||||||
def _authenticate(self, auth_method='user'):
|
def _authenticate(self, auth_method='user'):
|
||||||
|
try:
|
||||||
if request.session.uid:
|
if request.session.uid:
|
||||||
try:
|
try:
|
||||||
request.session.check_security()
|
request.session.check_security()
|
||||||
|
@ -82,6 +83,11 @@ class ir_http(osv.AbstractModel):
|
||||||
# let them bubble up
|
# let them bubble up
|
||||||
request.session.logout()
|
request.session.logout()
|
||||||
getattr(self, "_auth_method_%s" % auth_method)()
|
getattr(self, "_auth_method_%s" % auth_method)()
|
||||||
|
except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
|
||||||
|
raise
|
||||||
|
except Exception:
|
||||||
|
_logger.exception("Exception during request Authentication.")
|
||||||
|
raise openerp.exceptions.AccessDenied()
|
||||||
return auth_method
|
return auth_method
|
||||||
|
|
||||||
def _handle_exception(self, exception):
|
def _handle_exception(self, exception):
|
||||||
|
@ -99,11 +105,6 @@ class ir_http(osv.AbstractModel):
|
||||||
try:
|
try:
|
||||||
auth_method = self._authenticate(func.routing["auth"])
|
auth_method = self._authenticate(func.routing["auth"])
|
||||||
except Exception, e:
|
except Exception, e:
|
||||||
# Json requests have their own exception handler
|
|
||||||
# therefore we should not alter their exception's type
|
|
||||||
if func.routing.get('type') != 'json':
|
|
||||||
# for the rest, convert to a Forbidden exception keeping the original traceback
|
|
||||||
e = convert_exception_to(werkzeug.exceptions.Forbidden)
|
|
||||||
return self._handle_exception(e)
|
return self._handle_exception(e)
|
||||||
|
|
||||||
processing = self._postprocess_args(arguments)
|
processing = self._postprocess_args(arguments)
|
||||||
|
|
|
@ -208,8 +208,6 @@ class WebRequest(object):
|
||||||
to abitrary responses. Anything returned (except None) will
|
to abitrary responses. Anything returned (except None) will
|
||||||
be used as response."""
|
be used as response."""
|
||||||
self._failed = exception # prevent tx commit
|
self._failed = exception # prevent tx commit
|
||||||
if isinstance(exception, werkzeug.exceptions.HTTPException):
|
|
||||||
return exception
|
|
||||||
raise
|
raise
|
||||||
|
|
||||||
def _call_function(self, *args, **kwargs):
|
def _call_function(self, *args, **kwargs):
|
||||||
|
@ -456,6 +454,17 @@ class HttpRequest(WebRequest):
|
||||||
params.pop('session_id', None)
|
params.pop('session_id', None)
|
||||||
self.params = params
|
self.params = params
|
||||||
|
|
||||||
|
def _handle_exception(self, exception):
|
||||||
|
"""Called within an except block to allow converting exceptions
|
||||||
|
to abitrary responses. Anything returned (except None) will
|
||||||
|
be used as response."""
|
||||||
|
try:
|
||||||
|
return super(HttpRequest, self)._handle_exception(exception)
|
||||||
|
except Exception, e:
|
||||||
|
if isinstance(e, werkzeug.exceptions.HTTPException):
|
||||||
|
return e
|
||||||
|
raise
|
||||||
|
|
||||||
def dispatch(self):
|
def dispatch(self):
|
||||||
# TODO: refactor this correctly. This is a quick fix for pos demo.
|
# TODO: refactor this correctly. This is a quick fix for pos demo.
|
||||||
if request.httprequest.method == 'OPTIONS' and request.func and request.func.routing.get('cors'):
|
if request.httprequest.method == 'OPTIONS' and request.func and request.func.routing.get('cors'):
|
||||||
|
|
Loading…
Reference in New Issue