[IMP] exceptions: replace ExceptionNoTb with AccessDenied.
bzr revid: vmt@openerp.com-20110926125358-8yy4tvnemfna72u7
This commit is contained in:
parent
f16e2ef10a
commit
bbd10d96c0
|
@ -35,6 +35,7 @@ from osv import fields,osv
|
|||
from osv.orm import browse_record
|
||||
from service import security
|
||||
from tools.translate import _
|
||||
import openerp.exceptions
|
||||
|
||||
class groups(osv.osv):
|
||||
_name = "res.groups"
|
||||
|
@ -437,14 +438,14 @@ class users(osv.osv):
|
|||
if passwd == tools.config['admin_passwd']:
|
||||
return True
|
||||
else:
|
||||
raise security.ExceptionNoTb('AccessDenied')
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
|
||||
def check(self, db, uid, passwd):
|
||||
"""Verifies that the given (uid, password) pair is authorized for the database ``db`` and
|
||||
raise an exception if it is not."""
|
||||
if not passwd:
|
||||
# empty passwords disallowed for obvious security reasons
|
||||
raise security.ExceptionNoTb('AccessDenied')
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
if self._uid_cache.get(db, {}).get(uid) == passwd:
|
||||
return
|
||||
cr = pooler.get_db(db).cursor()
|
||||
|
@ -453,7 +454,7 @@ class users(osv.osv):
|
|||
(int(uid), passwd, True))
|
||||
res = cr.fetchone()[0]
|
||||
if not res:
|
||||
raise security.ExceptionNoTb('AccessDenied')
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
if self._uid_cache.has_key(db):
|
||||
ulist = self._uid_cache[db]
|
||||
ulist[uid] = passwd
|
||||
|
@ -470,7 +471,7 @@ class users(osv.osv):
|
|||
cr.execute('SELECT id FROM res_users WHERE id=%s AND password=%s', (uid, passwd))
|
||||
res = cr.fetchone()
|
||||
if not res:
|
||||
raise security.ExceptionNoTb('Bad username or password')
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
return res[0]
|
||||
finally:
|
||||
cr.close()
|
||||
|
@ -481,7 +482,7 @@ class users(osv.osv):
|
|||
password is not used to authenticate requests.
|
||||
|
||||
:return: True
|
||||
:raise: security.ExceptionNoTb when old password is wrong
|
||||
:raise: openerp.exceptions.AccessDenied when old password is wrong
|
||||
:raise: except_osv when new password is not set or empty
|
||||
"""
|
||||
self.check(cr.dbname, uid, old_passwd)
|
||||
|
|
|
@ -30,14 +30,10 @@ from psycopg2 import IntegrityError, errorcodes
|
|||
from openerp.tools.func import wraps
|
||||
from openerp.tools.translate import translate
|
||||
from openerp.osv.orm import MetaModel
|
||||
import openerp.exceptions
|
||||
|
||||
|
||||
class except_osv(Exception):
|
||||
def __init__(self, name, value, exc_type='warning'):
|
||||
self.name = name
|
||||
self.exc_type = exc_type
|
||||
self.value = value
|
||||
self.args = (exc_type, name)
|
||||
# For backward compatibility
|
||||
except_osv = openerp.exceptions.Warning
|
||||
|
||||
service = None
|
||||
|
||||
|
|
|
@ -19,18 +19,12 @@
|
|||
#
|
||||
##############################################################################
|
||||
|
||||
import openerp.exceptions
|
||||
import openerp.pooler as pooler
|
||||
import openerp.tools as tools
|
||||
|
||||
#.apidoc title: Authentication helpers
|
||||
|
||||
class ExceptionNoTb(Exception):
|
||||
""" When rejecting a password, hide the traceback
|
||||
"""
|
||||
def __init__(self, msg):
|
||||
super(ExceptionNoTb, self).__init__(msg)
|
||||
self.traceback = ('','','')
|
||||
|
||||
def login(db, login, password):
|
||||
pool = pooler.get_pool(db)
|
||||
user_obj = pool.get('res.users')
|
||||
|
@ -40,7 +34,7 @@ def check_super(passwd):
|
|||
if passwd == tools.config['admin_passwd']:
|
||||
return True
|
||||
else:
|
||||
raise ExceptionNoTb('AccessDenied: Invalid super administrator password.')
|
||||
raise openerp.exceptions.AccessDenied()
|
||||
|
||||
def check(db, uid, passwd):
|
||||
pool = pooler.get_pool(db)
|
||||
|
|
Loading…
Reference in New Issue