From: Thierry Parmentelat <thierry.parmentelat@inria.fr>
Date: Thu, 27 Sep 2012 10:24:41 +0000 (+0200)
Subject: cosmetic - this code is broken, moving the matter to Tony
X-Git-Tag: sfa-3.0-0~112^2
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=3acb26e0ac5bc5de68effe62d0878ba674e40369;p=sfa.git

cosmetic - this code is broken, moving the matter to Tony
---

diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py
index 96fd208e..5d48a943 100644
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -35,7 +35,6 @@ class Auth:
         self.trusted_cert_file_list = TrustedRoots(self.config.get_trustedroots_dir()).get_file_list()
 
         
-        
     def checkCredentials(self, creds, operation, xrns=[]):
         if not isinstance(xrns, list):
             xrns = [xrns]
@@ -43,8 +42,10 @@ class Auth:
         valid = []
         if not isinstance(creds, list):
             creds = [creds]
-        logger.debug("Auth.checkCredentials with %d creds"%len(creds))
-        error=[ "no credential","was given"]
+        logger.debug("Auth.checkCredentials with %d creds on hrns=%s"%(len(creds),hrns))
+        # won't work if either creds or hrns is empty - let's make it more explicit
+        if not creds: raise InsufficientRights("Access denied - no credential provided")
+        if not hrns: raise InsufficientRights("Access denied - no subject xrn provided")
         for cred in creds:
             for hrn in hrns:
                 try: