[FIX] auth_oauth: improve method _auth_oauth_signin

bzr revid: rco@openerp.com-20121126104251-j6355zk91f468y5y
2012-11-26 11:42:51 +01:00 · 2012-11-26 11:42:51 +01:00 · 867a84c3f8
parent c15ca7dbe9
commit 867a84c3f8
1 changed files with 8 additions and 8 deletions
--- a/addons/auth_oauth/res_users.py
+++ b/addons/auth_oauth/res_users.py
@ -47,21 +47,21 @@ class res_users(osv.Model):

    def _auth_oauth_signin(self, cr, uid, provider, validation, params, context=None):
        """ retrieve and sign in the user corresponding to provider and validated access token
-            :param provider: oauth provider id
+            :param provider: oauth provider id (int)
            :param validation: result of validation of access token (dict)
            :param params: oauth parameters (dict)
-            :return: login or None
+            :return: user login (str)

            This method can be overridden to add alternative signin methods.
        """
        oauth_uid = validation['user_id']
        user_ids = self.search(cr, uid, [("oauth_uid", "=", oauth_uid), ('oauth_provider_id', '=', provider)])
-        if user_ids:
-            assert len(user_ids) == 1
-            user = self.browse(cr, uid, user_ids[0], context=context)
-            user.write({'oauth_access_token': access_token})
-            return user.login
-        return None
+        if not user_ids:
+            raise openerp.exceptions.AccessDenied()
+        assert len(user_ids) == 1
+        user = self.browse(cr, uid, user_ids[0], context=context)
+        user.write({'oauth_access_token': params['access_token']})
+        return user.login

    def auth_oauth(self, cr, uid, provider, params, context=None):
        # Advice by Google (to avoid Confused Deputy Problem)