From 3ac1d7021c96c6ebad14796c39f32233597846ad Mon Sep 17 00:00:00 2001
From: Romain Courteaud <romain@nexedi.com>
Date: Wed, 15 Jun 2011 11:07:13 +0200
Subject: [PATCH] Raise a 403 error when a convertion is not accessible. This
 prevent triggering authentification popup on the browser side (in case of
 Unauthorized error) which make the UI not usable.

---
 product/ERP5/mixin/downloadable.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/product/ERP5/mixin/downloadable.py b/product/ERP5/mixin/downloadable.py
index 2989872862..827f87a93e 100644
--- a/product/ERP5/mixin/downloadable.py
+++ b/product/ERP5/mixin/downloadable.py
@@ -32,6 +32,7 @@ from Products.ERP5Type.Utils import fill_args_from_request
 from Products.CMFCore.utils import getToolByName, _setCacheHeaders,\
     _ViewEmulator
 import warnings
+from zExceptions import Forbidden
 
 _MARKER = []
 
@@ -79,6 +80,9 @@ class DownloadableMixin:
     if format is _MARKER:
       format = None
     self._checkConversionFormatPermission(format, **kw)
+    if not self.checkConversionFormatPermission(format, **kw):
+      raise Forbidden('You are not allowed to get this document in this ' \
+                      'format')
     mime, data = self.convert(format, **kw)
     output_format = None
     if not format:
-- 
2.30.9