changeset 6067:082b1a458d55

log username, if exists, when abused action not presented to user
author 'Karl O. Pinc' <kop@meme.com>
date Thu, 04 Sep 2014 14:18:56 -0500
parents 68092d872ecc
children 4dbfb3fec02a
files MoinMoin/wsgiapp.py
diffstat 1 files changed, 10 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/wsgiapp.py	Thu Sep 04 14:09:28 2014 -0500
+++ b/MoinMoin/wsgiapp.py	Thu Sep 04 14:18:56 2014 -0500
@@ -171,10 +171,13 @@
     # Disallow non available actions
     elif action_name[0].isupper() and not action_name in \
             get_available_actions(cfg, context.page, context.user):
-        log_attempt(action_name, False, request, page=pagename)
         msg = _("You are not allowed to do %(action_name)s on this page.") % {
                 'action_name': wikiutil.escape(action_name), }
-        if not context.user.valid:
+        if context.user.valid:
+            log_attempt(action_name, False, request,
+                        context.user.name, page=pagename)
+        else:
+            log_attempt(action_name, False, request, page=pagename)
             # Suggest non valid user to login
             msg += " " + _("Login and try again.")
 
@@ -186,10 +189,13 @@
         from MoinMoin import action
         handler = action.getHandler(context, action_name)
         if handler is None:
-            log_attempt(action_name, False, request, page=pagename)
             msg = _("You are not allowed to do %(action_name)s on this page.") % {
                     'action_name': wikiutil.escape(action_name), }
-            if not context.user.valid:
+            if context.user.valid:
+                log_attempt(action_name, False, request,
+                            context.user.name, page=pagename)
+            else:
+                log_attempt(action_name, False, request, page=pagename)
                 # Suggest non valid user to login
                 msg += " " + _("Login and try again.")
             context.theme.add_msg(msg, "error")