From 4e63f1d1dd075b9d5ab88f639ee500950f0a9944 Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Mon, 6 Dec 2010 16:43:49 +0100 Subject: [PATCH] more explicit messages in case of missing role --- PLC/Auth.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/PLC/Auth.py b/PLC/Auth.py index 8a6db57..b519b1b 100644 --- a/PLC/Auth.py +++ b/PLC/Auth.py @@ -132,7 +132,7 @@ class SessionAuth(Auth): node = nodes[0] if 'node' not in method.roles: - raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method, missing 'node' role" + raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name method.caller = node @@ -143,9 +143,12 @@ class SessionAuth(Auth): person = persons[0] if not set(person['roles']).intersection(method.roles): - raise PLCPermissionDenied, "Not allowed to call method, missing role" + method_message="method %s has roles [%s]"%(method.name,','.join(method.roles)) + person_message="caller has roles [%s]"%','.join(person['roles']) + # not PLCAuthenticationFailure b/c that would end the session.. + raise PLCPermissionDenied, "SessionAuth: missing role, %s -- %s"%(method_message,person_message) - method.caller = persons[0] + method.caller = person else: raise PLCAuthenticationFailure, "SessionAuth: Invalid session" @@ -324,7 +327,9 @@ class PasswordAuth(Auth): raise PLCAuthenticationFailure, "PasswordAuth: Password verification failed" if not set(person['roles']).intersection(method.roles): - raise PLCAuthenticationFailure, "PasswordAuth: Not allowed to call method, missing role" + method_message="method %s has roles [%s]"%(method.name,','.join(method.roles)) + person_message="caller has roles [%s]"%','.join(person['roles']) + raise PLCAuthenticationFailure, "PasswordAuth: missing role, %s -- %s"%(method_message,person_message) method.caller = person -- 2.43.0