request.uid = request.session.uid
def _authenticate(self, auth_method='user'):
- if request.session.uid:
- try:
- request.session.check_security()
- # what if error in security.check()
- # -> res_users.check()
- # -> res_users.check_credentials()
- except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
- # All other exceptions mean undetermined status (e.g. connection pool full),
- # let them bubble up
- request.session.logout()
- getattr(self, "_auth_method_%s" % auth_method)()
+ try:
+ if request.session.uid:
+ try:
+ request.session.check_security()
+ # what if error in security.check()
+ # -> res_users.check()
+ # -> res_users.check_credentials()
+ except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
+ # All other exceptions mean undetermined status (e.g. connection pool full),
+ # let them bubble up
+ request.session.logout()
+ getattr(self, "_auth_method_%s" % auth_method)()
+ except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
+ raise
+ except Exception:
+ _logger.exception("Exception during request Authentication.")
+ raise openerp.exceptions.AccessDenied()
return auth_method
def _handle_exception(self, exception):