Mercurial > moin > 1.9
changeset 6067:082b1a458d55
log username, if exists, when abused action not presented to user
author | 'Karl O. Pinc' <kop@meme.com> |
---|---|
date | Thu, 04 Sep 2014 14:18:56 -0500 |
parents | 68092d872ecc |
children | 4dbfb3fec02a |
files | MoinMoin/wsgiapp.py |
diffstat | 1 files changed, 10 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/wsgiapp.py Thu Sep 04 14:09:28 2014 -0500 +++ b/MoinMoin/wsgiapp.py Thu Sep 04 14:18:56 2014 -0500 @@ -171,10 +171,13 @@ # Disallow non available actions elif action_name[0].isupper() and not action_name in \ get_available_actions(cfg, context.page, context.user): - log_attempt(action_name, False, request, page=pagename) msg = _("You are not allowed to do %(action_name)s on this page.") % { 'action_name': wikiutil.escape(action_name), } - if not context.user.valid: + if context.user.valid: + log_attempt(action_name, False, request, + context.user.name, page=pagename) + else: + log_attempt(action_name, False, request, page=pagename) # Suggest non valid user to login msg += " " + _("Login and try again.") @@ -186,10 +189,13 @@ from MoinMoin import action handler = action.getHandler(context, action_name) if handler is None: - log_attempt(action_name, False, request, page=pagename) msg = _("You are not allowed to do %(action_name)s on this page.") % { 'action_name': wikiutil.escape(action_name), } - if not context.user.valid: + if context.user.valid: + log_attempt(action_name, False, request, + context.user.name, page=pagename) + else: + log_attempt(action_name, False, request, page=pagename) # Suggest non valid user to login msg += " " + _("Login and try again.") context.theme.add_msg(msg, "error")