[Mpuls-commits] r2942 - in base/trunk: . mpulsweb/lib
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Jun 9 13:40:47 CEST 2010
Author: bh
Date: 2010-06-09 13:40:46 +0200 (Wed, 09 Jun 2010)
New Revision: 2942
Modified:
base/trunk/ChangeLog
base/trunk/mpulsweb/lib/security.py
Log:
* mpulsweb/lib/security.py (checkRole.validate): Log the original
exception if an OperationalError is raised by the wrapped function
before raising the HTTPUnauthorized exception. The original
exception may contain important information about the actual
database problem and discarding it would make debugging much
harder.
Modified: base/trunk/ChangeLog
===================================================================
--- base/trunk/ChangeLog 2010-06-09 11:32:03 UTC (rev 2941)
+++ base/trunk/ChangeLog 2010-06-09 11:40:46 UTC (rev 2942)
@@ -1,5 +1,14 @@
2010-06-09 Bernhard Herzog <bh at intevation.de>
+ * mpulsweb/lib/security.py (checkRole.validate): Log the original
+ exception if an OperationalError is raised by the wrapped function
+ before raising the HTTPUnauthorized exception. The original
+ exception may contain important information about the actual
+ database problem and discarding it would make debugging much
+ harder.
+
+2010-06-09 Bernhard Herzog <bh at intevation.de>
+
* mpulsweb/controllers/navigation.py, mpulsweb/lib/base.py,
mpulsweb/lib/dialogs.py, mpulsweb/lib/security.py: Import HTTP
Exceptions from webob.exc instead of paste.httpexceptions. The
Modified: base/trunk/mpulsweb/lib/security.py
===================================================================
--- base/trunk/mpulsweb/lib/security.py 2010-06-09 11:32:03 UTC (rev 2941)
+++ base/trunk/mpulsweb/lib/security.py 2010-06-09 11:40:46 UTC (rev 2942)
@@ -362,6 +362,17 @@
try:
return func(self, *args, **kwargs)
except dbapi.OperationalError, err:
+ # FIXME: An OperationalError at this point does not
+ # necessarily indicate a permission problem, so converting
+ # into it into a HTTPUnauthorized exception is not
+ # necessarily the right thing, even though a permission
+ # problem is a likely cause. At the very least, log the
+ # original exception because it's also likely to indicate a
+ # problem with the database setup and discarding the
+ # information of the original exception would make debugging
+ # much harder.
+ log.exception("Converting DB-API OperationalError into"
+ " an HTTP Unauthorized response")
raise HTTPUnauthorized(detail=UNAUTHORIZED_DETAIL)
return decorator(validate)
More information about the Mpuls-commits
mailing list