do not delete session when node is trying to call a method that it is not allowed to
authorThierry Parmentelat <thierry.parmentelat@sophia.inria.fr>
Wed, 2 Feb 2011 15:34:21 +0000 (16:34 +0100)
committerThierry Parmentelat <thierry.parmentelat@sophia.inria.fr>
Wed, 2 Feb 2011 15:34:21 +0000 (16:34 +0100)
PLC/Auth.py

index 89e5ca1..37eab0f 100644 (file)
@@ -132,6 +132,9 @@ class SessionAuth(Auth):
                 node = nodes[0]
 
                 if 'node' not in method.roles:
+                    # using PermissionDenied rather than AuthenticationFailure here because
+                    # if that fails we don't want to delete the session..
+                    raise PLCPermissionDenied, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
                     raise PLCAuthenticationFailure, "SessionAuth: Not allowed to call method %s, missing 'node' role"%method.name
 
                 method.caller = node
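Review bot: The old `raise PLCAuthenticationFailure, ...` line still follows the new `raise PLCPermissionDenied, ...` inside the `if 'node' not in method.roles:` branch, so it can never execute and should be deleted. Left in place, it suggests that a role mismatch still ends in an authentication failure. The added comment's "if that fails" is ambiguous and would read better as `# authorization, not authentication: the session itself is valid, so raise PLCPermissionDenied and keep the session`. The code that deletes the session is outside this hunk, and the enclosing method starts and ends beyond it. It is worth confirming that the deleting handler catches only PLCAuthenticationFailure and that PLCPermissionDenied is not a subclass of it, otherwise a node probing a method it has no role for would still lose its session.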