[IMP] ir_http: don't handle exception in dev mode but use the werkzeug debugger excep...

[odoo/odoo.git] / openerp / addons / base / ir / ir_http.py

diff --git a/openerp/addons/base/ir/ir_http.py b/openerp/addons/base/ir/ir_http.py
index dae3515..c70be2c 100644 (file)
--- a/openerp/addons/base/ir/ir_http.py
+++ b/openerp/addons/base/ir/ir_http.py
@@ -63,12 +63,6 @@ class ir_http(osv.AbstractModel):
     def _auth_method_user(self):
         request.uid = request.session.uid
         if not request.uid:
-            if not request.params.get('noredirect'):
-                query = werkzeug.urls.url_encode({
-                    'redirect': request.httprequest.url,
-                })
-                response = werkzeug.utils.redirect('/web/login?%s' % query)
-                werkzeug.exceptions.abort(response)
             raise http.SessionExpiredException("Session expired")
 
     def _auth_method_none(self):
@@ -91,7 +85,7 @@ class ir_http(osv.AbstractModel):
                 except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
                     # All other exceptions mean undetermined status (e.g. connection pool full),
                     # let them bubble up
-                    request.session.logout()
+                    request.session.logout(keep_db=True)
             getattr(self, "_auth_method_%s" % auth_method)()
         except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
             raise
@@ -102,7 +96,14 @@ class ir_http(osv.AbstractModel):
 
     def _handle_exception(self, exception):
         # If handle_exception returns something different than None, it will be used as a response
-        return request._handle_exception(exception)
+
+        # Don't handle exception but use werkeug debugger if server in --dev mode
+        if openerp.tools.config['dev_mode']:
+            raise
+        try:
+            return request._handle_exception(exception)
+        except openerp.exceptions.AccessDenied:
+            return werkzeug.exceptions.Forbidden()
 
     def _dispatch(self):
         # locate the controller method
@@ -115,17 +116,13 @@ class ir_http(osv.AbstractModel):
         # check authentication level
         try:
             auth_method = self._authenticate(func.routing["auth"])
-        except Exception:
-            # force a Forbidden exception with the original traceback
-            return self._handle_exception(
-                convert_exception_to(
-                    werkzeug.exceptions.Forbidden))
+        except Exception as e:
+            return self._handle_exception(e)
 
         processing = self._postprocess_args(arguments, rule)
         if processing:
             return processing
 
-
         # set and execute handler
         try:
             request.set_handler(func, arguments, auth_method)