Commit 47aba233 authored by Titouan Soulard's avatar Titouan Soulard

erp5_api_style: fix Unauthorized exception to avoid redirect

parent 30bdb3d3
...@@ -33,10 +33,26 @@ from Acquisition import aq_inner ...@@ -33,10 +33,26 @@ from Acquisition import aq_inner
from OFS.Traversable import NotFound from OFS.Traversable import NotFound
from erp5.component.document.WebSection import WebSection from erp5.component.document.WebSection import WebSection
from Products.ERP5Type import Permissions from Products.ERP5Type import Permissions
from zExceptions import HTTPClientError
from zLOG import LOG, INFO from zLOG import LOG, INFO
MARKER = [] MARKER = []
# Redefine an Unauthorized error to avoid Zope redirecting the user to the main ERP5 login form
class jIOUnauthorized(HTTPClientError):
errmsg = 'Unauthorized'
status = 401
def __init__(self, underlyingError):
HTTPClientError.__init__(self)
self.underlyingError = underlyingError
def __str__(self):
return str(self.underlyingError)
def __bytes__(self):
return bytes(self.underlyingError)
def convertTojIOAPICall(function): def convertTojIOAPICall(function):
""" """
Wrap the method to create a log entry for each invocation to the zope logger Wrap the method to create a log entry for each invocation to the zope logger
...@@ -45,19 +61,18 @@ def convertTojIOAPICall(function): ...@@ -45,19 +61,18 @@ def convertTojIOAPICall(function):
""" """
Log the call, and the result of the call Log the call, and the result of the call
""" """
assert(self.REQUEST.REQUEST_METHOD == "POST")
try: try:
self.REQUEST.response.setHeader("Content-Type", "application/json") self.REQUEST.response.setHeader("Content-Type", "application/json")
retval = function(self, *args, **kwd) retval = function(self, *args, **kwd)
except Unauthorized, e: except Unauthorized, e:
LOG('jIOWebSection', INFO, 'Converting Unauthorized to Unauthorized error mesage in JSON,',
error=True)
body = self.ERP5Site_logApiErrorAndReturn( body = self.ERP5Site_logApiErrorAndReturn(
error_code="403", error_code="401",
error_message=str(e), error_message=str(e),
error_name="Unauthorized" error_name="Unauthorized"
) )
self.REQUEST.response.setBody(body, lock=True) self.REQUEST.response.setBody(body, lock=True)
raise raise jIOUnauthorized(e)
except NotFound, e: except NotFound, e:
LOG('jIOWebSection', INFO, 'Converting NotFound to NotFound error mesage in JSON,', LOG('jIOWebSection', INFO, 'Converting NotFound to NotFound error mesage in JSON,',
error=True) error=True)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment