X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FAuth.py;h=37eab0f123da74226dca6273ff291ba10d873090;hb=22703dd5d47683ae2e9634be556d673823d63618;hp=89e5ca1f0185e09eaf67f525f8a8a250716f441e;hpb=dfa60d2537c7169316637565e0e463a9fe63857e;p=plcapi.git

diff --git a/PLC/Auth.py b/PLC/Auth.py
index 89e5ca1..37eab0f 100644
--- a/PLC/Auth.py
+++ b/PLC/Auth.py
@@ -132,6 +132,9 @@ class SessionAuth(Auth):
                 node = nodes[0]
 
                 if 'node' not in method.roles:
+                    # using PermissionDenied rather than AuthenticationFailure here because
+                    # if that fails we don't want to delete the session..
+                    raise PLCPermissionDenied, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
                     raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
 
                 method.caller = node