git://git.onelab.eu
/
plcapi.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
do not delete session when node is trying to call a method that it is not allowed to
[plcapi.git]
/
PLC
/
Auth.py
diff --git
a/PLC/Auth.py
b/PLC/Auth.py
index
89e5ca1
..
37eab0f
100644
(file)
--- a/
PLC/Auth.py
+++ b/
PLC/Auth.py
@@
-132,6
+132,9
@@
class SessionAuth(Auth):
node = nodes[0]
if 'node' not in method.roles:
node = nodes[0]
if 'node' not in method.roles:
+ # using PermissionDenied rather than AuthenticationFailure here because
+ # if that fails we don't want to delete the session..
+ raise PLCPermissionDenied, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
method.caller = node
raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
method.caller = node