[IMP] exceptions: replace ExceptionNoTb with AccessDenied.
bzr revid: vmt@openerp.com-20110926125358-8yy4tvnemfna72u7
This commit is contained in:
parent
f16e2ef10a
commit
bbd10d96c0
|
@ -35,6 +35,7 @@ from osv import fields,osv
|
||||||
from osv.orm import browse_record
|
from osv.orm import browse_record
|
||||||
from service import security
|
from service import security
|
||||||
from tools.translate import _
|
from tools.translate import _
|
||||||
|
import openerp.exceptions
|
||||||
|
|
||||||
class groups(osv.osv):
|
class groups(osv.osv):
|
||||||
_name = "res.groups"
|
_name = "res.groups"
|
||||||
|
@ -437,14 +438,14 @@ class users(osv.osv):
|
||||||
if passwd == tools.config['admin_passwd']:
|
if passwd == tools.config['admin_passwd']:
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
raise security.ExceptionNoTb('AccessDenied')
|
raise openerp.exceptions.AccessDenied()
|
||||||
|
|
||||||
def check(self, db, uid, passwd):
|
def check(self, db, uid, passwd):
|
||||||
"""Verifies that the given (uid, password) pair is authorized for the database ``db`` and
|
"""Verifies that the given (uid, password) pair is authorized for the database ``db`` and
|
||||||
raise an exception if it is not."""
|
raise an exception if it is not."""
|
||||||
if not passwd:
|
if not passwd:
|
||||||
# empty passwords disallowed for obvious security reasons
|
# empty passwords disallowed for obvious security reasons
|
||||||
raise security.ExceptionNoTb('AccessDenied')
|
raise openerp.exceptions.AccessDenied()
|
||||||
if self._uid_cache.get(db, {}).get(uid) == passwd:
|
if self._uid_cache.get(db, {}).get(uid) == passwd:
|
||||||
return
|
return
|
||||||
cr = pooler.get_db(db).cursor()
|
cr = pooler.get_db(db).cursor()
|
||||||
|
@ -453,7 +454,7 @@ class users(osv.osv):
|
||||||
(int(uid), passwd, True))
|
(int(uid), passwd, True))
|
||||||
res = cr.fetchone()[0]
|
res = cr.fetchone()[0]
|
||||||
if not res:
|
if not res:
|
||||||
raise security.ExceptionNoTb('AccessDenied')
|
raise openerp.exceptions.AccessDenied()
|
||||||
if self._uid_cache.has_key(db):
|
if self._uid_cache.has_key(db):
|
||||||
ulist = self._uid_cache[db]
|
ulist = self._uid_cache[db]
|
||||||
ulist[uid] = passwd
|
ulist[uid] = passwd
|
||||||
|
@ -470,7 +471,7 @@ class users(osv.osv):
|
||||||
cr.execute('SELECT id FROM res_users WHERE id=%s AND password=%s', (uid, passwd))
|
cr.execute('SELECT id FROM res_users WHERE id=%s AND password=%s', (uid, passwd))
|
||||||
res = cr.fetchone()
|
res = cr.fetchone()
|
||||||
if not res:
|
if not res:
|
||||||
raise security.ExceptionNoTb('Bad username or password')
|
raise openerp.exceptions.AccessDenied()
|
||||||
return res[0]
|
return res[0]
|
||||||
finally:
|
finally:
|
||||||
cr.close()
|
cr.close()
|
||||||
|
@ -481,7 +482,7 @@ class users(osv.osv):
|
||||||
password is not used to authenticate requests.
|
password is not used to authenticate requests.
|
||||||
|
|
||||||
:return: True
|
:return: True
|
||||||
:raise: security.ExceptionNoTb when old password is wrong
|
:raise: openerp.exceptions.AccessDenied when old password is wrong
|
||||||
:raise: except_osv when new password is not set or empty
|
:raise: except_osv when new password is not set or empty
|
||||||
"""
|
"""
|
||||||
self.check(cr.dbname, uid, old_passwd)
|
self.check(cr.dbname, uid, old_passwd)
|
||||||
|
|
|
@ -30,14 +30,10 @@ from psycopg2 import IntegrityError, errorcodes
|
||||||
from openerp.tools.func import wraps
|
from openerp.tools.func import wraps
|
||||||
from openerp.tools.translate import translate
|
from openerp.tools.translate import translate
|
||||||
from openerp.osv.orm import MetaModel
|
from openerp.osv.orm import MetaModel
|
||||||
|
import openerp.exceptions
|
||||||
|
|
||||||
|
# For backward compatibility
|
||||||
class except_osv(Exception):
|
except_osv = openerp.exceptions.Warning
|
||||||
def __init__(self, name, value, exc_type='warning'):
|
|
||||||
self.name = name
|
|
||||||
self.exc_type = exc_type
|
|
||||||
self.value = value
|
|
||||||
self.args = (exc_type, name)
|
|
||||||
|
|
||||||
service = None
|
service = None
|
||||||
|
|
||||||
|
|
|
@ -19,18 +19,12 @@
|
||||||
#
|
#
|
||||||
##############################################################################
|
##############################################################################
|
||||||
|
|
||||||
|
import openerp.exceptions
|
||||||
import openerp.pooler as pooler
|
import openerp.pooler as pooler
|
||||||
import openerp.tools as tools
|
import openerp.tools as tools
|
||||||
|
|
||||||
#.apidoc title: Authentication helpers
|
#.apidoc title: Authentication helpers
|
||||||
|
|
||||||
class ExceptionNoTb(Exception):
|
|
||||||
""" When rejecting a password, hide the traceback
|
|
||||||
"""
|
|
||||||
def __init__(self, msg):
|
|
||||||
super(ExceptionNoTb, self).__init__(msg)
|
|
||||||
self.traceback = ('','','')
|
|
||||||
|
|
||||||
def login(db, login, password):
|
def login(db, login, password):
|
||||||
pool = pooler.get_pool(db)
|
pool = pooler.get_pool(db)
|
||||||
user_obj = pool.get('res.users')
|
user_obj = pool.get('res.users')
|
||||||
|
@ -40,7 +34,7 @@ def check_super(passwd):
|
||||||
if passwd == tools.config['admin_passwd']:
|
if passwd == tools.config['admin_passwd']:
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
raise ExceptionNoTb('AccessDenied: Invalid super administrator password.')
|
raise openerp.exceptions.AccessDenied()
|
||||||
|
|
||||||
def check(db, uid, passwd):
|
def check(db, uid, passwd):
|
||||||
pool = pooler.get_pool(db)
|
pool = pooler.get_pool(db)
|
||||||
|
|
Loading…
Reference in New Issue