From 3ac1d7021c96c6ebad14796c39f32233597846ad Mon Sep 17 00:00:00 2001 From: Romain Courteaud <romain@nexedi.com> Date: Wed, 15 Jun 2011 11:07:13 +0200 Subject: [PATCH] Raise a 403 error when a convertion is not accessible. This prevent triggering authentification popup on the browser side (in case of Unauthorized error) which make the UI not usable. --- product/ERP5/mixin/downloadable.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/product/ERP5/mixin/downloadable.py b/product/ERP5/mixin/downloadable.py index 2989872862..827f87a93e 100644 --- a/product/ERP5/mixin/downloadable.py +++ b/product/ERP5/mixin/downloadable.py @@ -32,6 +32,7 @@ from Products.ERP5Type.Utils import fill_args_from_request from Products.CMFCore.utils import getToolByName, _setCacheHeaders,\ _ViewEmulator import warnings +from zExceptions import Forbidden _MARKER = [] @@ -79,6 +80,9 @@ class DownloadableMixin: if format is _MARKER: format = None self._checkConversionFormatPermission(format, **kw) + if not self.checkConversionFormatPermission(format, **kw): + raise Forbidden('You are not allowed to get this document in this ' \ + 'format') mime, data = self.convert(format, **kw) output_format = None if not format: -- 2.30.9