changeset 5252:6f6736e7683c

makeForbidden403() is makeForbidden(403, ...) now
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 07 Nov 2009 00:58:24 +0100
parents fab21793f608
children 4155de7a48ca
files MoinMoin/action/edit.py MoinMoin/action/fullsearch.py MoinMoin/action/newaccount.py MoinMoin/action/recoverpass.py MoinMoin/action/serveopenid.py
diffstat 5 files changed, 9 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/action/edit.py	Thu Nov 05 08:53:30 2009 +0100
+++ b/MoinMoin/action/edit.py	Sat Nov 07 00:58:24 2009 +0100
@@ -17,8 +17,8 @@
 
     if 'button_preview' in request.form and 'button_spellcheck' in request.form:
         # multiple buttons pressed at once? must be some spammer/bot
-        request.makeForbidden403()
         request.surge_protect(kick_him=True) # get rid of him
+        request.makeForbidden(403, '')
         return
 
     if not request.user.may.write(pagename):
--- a/MoinMoin/action/fullsearch.py	Thu Nov 05 08:53:30 2009 +0100
+++ b/MoinMoin/action/fullsearch.py	Sat Nov 07 00:58:24 2009 +0100
@@ -60,8 +60,8 @@
     _ = request.getText
     titlesearch = checkTitleSearch(request)
     if titlesearch < 0:
-        request.makeForbidden403()
         request.surge_protect(kick_him=True) # get rid of spammer
+        request.makeForbidden(403, '')
         return
 
     advancedsearch = isAdvancedSearch(request)
--- a/MoinMoin/action/newaccount.py	Thu Nov 05 08:53:30 2009 +0100
+++ b/MoinMoin/action/newaccount.py	Sat Nov 07 00:58:24 2009 +0100
@@ -155,7 +155,7 @@
 
     if not found:
         # we will not have linked, so forbid access
-        request.makeForbidden403()
+        request.makeForbidden(403, 'No MoinAuth in auth list')
         return
 
     page = Page(request, pagename)
--- a/MoinMoin/action/recoverpass.py	Thu Nov 05 08:53:30 2009 +0100
+++ b/MoinMoin/action/recoverpass.py	Sat Nov 07 00:58:24 2009 +0100
@@ -147,7 +147,7 @@
 
     if not found:
         # we will not have linked, so forbid access
-        request.makeForbidden403()
+        request.makeForbidden(403, 'No MoinAuth in auth list')
         return
 
     page = Page(request, pagename)
--- a/MoinMoin/action/serveopenid.py	Thu Nov 05 08:53:30 2009 +0100
+++ b/MoinMoin/action/serveopenid.py	Sat Nov 07 00:58:24 2009 +0100
@@ -181,7 +181,7 @@
             # since we didn't put any openid.server into
             # the page to start with, this is someone trying
             # to abuse us. No need to give a nice error
-            request.makeForbidden403()
+            request.makeForbidden(403, '')
             return
 
         server_url = request.getQualifiedURL(
@@ -203,8 +203,7 @@
             username = request.user.name
         elif identity is not None:
             if not self._verify_endpoint_identity(identity):
-                request.makeForbidden403()
-                request.write('verification failed')
+                request.makeForbidden(403, 'verification failed')
                 return
 
         if 'openid.user' in request.page.pi:
@@ -233,8 +232,7 @@
                 return
 
             if openidreq is None:
-                request.makeForbidden403()
-                request.write('no request')
+                request.makeForbidden(403, 'no request')
                 return
 
             if request.user.valid and username != request.user.name:
@@ -264,14 +262,12 @@
         # use empty string if nothing was sent
         form_nonce = form.get('nonce', '')
         if session_nonce != form_nonce:
-            self.request.makeForbidden403()
-            self.request.write('invalid nonce')
+            self.request.makeForbidden(403, 'invalid nonce')
             return None
 
         openidreq = request.session.get('openidserver.request')
         if not openidreq:
-            request.makeForbidden403()
-            request.write('no response request')
+            request.makeForbidden(403, 'no response request')
             return None
         del request.session['openidserver.request']