From 3acb26e0ac5bc5de68effe62d0878ba674e40369 Mon Sep 17 00:00:00 2001
From: Thierry Parmentelat <thierry.parmentelat@inria.fr>
Date: Thu, 27 Sep 2012 12:24:41 +0200
Subject: [PATCH] cosmetic - this code is broken, moving the matter to Tony

---
 sfa/trust/auth.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py
index 96fd208e..5d48a943 100644
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -35,7 +35,6 @@ class Auth:
         self.trusted_cert_file_list = TrustedRoots(self.config.get_trustedroots_dir()).get_file_list()
 
         
-        
     def checkCredentials(self, creds, operation, xrns=[]):
         if not isinstance(xrns, list):
             xrns = [xrns]
@@ -43,8 +42,10 @@ class Auth:
         valid = []
         if not isinstance(creds, list):
             creds = [creds]
-        logger.debug("Auth.checkCredentials with %d creds"%len(creds))
-        error=[ "no credential","was given"]
+        logger.debug("Auth.checkCredentials with %d creds on hrns=%s"%(len(creds),hrns))
+        # won't work if either creds or hrns is empty - let's make it more explicit
+        if not creds: raise InsufficientRights("Access denied - no credential provided")
+        if not hrns: raise InsufficientRights("Access denied - no subject xrn provided")
         for cred in creds:
             for hrn in hrns:
                 try:
-- 
2.43.0