In some cases the authentication check can fail
for an unknown reason (e.g. connection pool is
temporarily full). This should not be treated
as an authentication failure, as the status is
really unknown. Let those exceptions bubble up
instead.
bzr revid: odo@openerp.com-
20140228170712-l8smq6u3cmvjtd5e
# what if error in security.check()
# -> res_users.check()
# -> res_users.check_credentials()
- except Exception:
+ except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
+ # All other exceptions mean undetermined status (e.g. connection pool full),
+ # let them bubble up
request.session.logout()
getattr(self, "_auth_method_%s" % auth_method)()
return auth_method