request.uid = request.session.uid
def _authenticate(self, auth_method='user'):
- if request.session.uid:
- try:
- request.session.check_security()
- # what if error in security.check()
- # -> res_users.check()
- # -> res_users.check_credentials()
- except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
- # All other exceptions mean undetermined status (e.g. connection pool full),
- # let them bubble up
- request.session.logout()
- getattr(self, "_auth_method_%s" % auth_method)()
+ try:
+ if request.session.uid:
+ try:
+ request.session.check_security()
+ # what if error in security.check()
+ # -> res_users.check()
+ # -> res_users.check_credentials()
+ except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
+ # All other exceptions mean undetermined status (e.g. connection pool full),
+ # let them bubble up
+ request.session.logout()
+ getattr(self, "_auth_method_%s" % auth_method)()
+ except (openerp.exceptions.AccessDenied, openerp.http.SessionExpiredException):
+ raise
+ except Exception:
+ _logger.exception("Exception during request Authentication.")
+ raise openerp.exceptions.AccessDenied()
return auth_method
def _handle_exception(self, exception):
try:
auth_method = self._authenticate(func.routing["auth"])
except Exception, e:
- # Json requests have their own exception handler
- # therefore we should not alter their exception's type
- if func.routing.get('type') != 'json':
- # for the rest, convert to a Forbidden exception keeping the original traceback
- e = convert_exception_to(werkzeug.exceptions.Forbidden)
return self._handle_exception(e)
processing = self._postprocess_args(arguments)
to abitrary responses. Anything returned (except None) will
be used as response."""
self._failed = exception # prevent tx commit
- if isinstance(exception, werkzeug.exceptions.HTTPException):
- return exception
raise
def _call_function(self, *args, **kwargs):
params.pop('session_id', None)
self.params = params
+ def _handle_exception(self, exception):
+ """Called within an except block to allow converting exceptions
+ to abitrary responses. Anything returned (except None) will
+ be used as response."""
+ try:
+ return super(HttpRequest, self)._handle_exception(exception)
+ except Exception, e:
+ if isinstance(e, werkzeug.exceptions.HTTPException):
+ return e
+ raise
+
def dispatch(self):
# TODO: refactor this correctly. This is a quick fix for pos demo.
if request.httprequest.method == 'OPTIONS' and request.func and request.func.routing.get('cors'):