changeset 1005:c36f61f85e97

AccessDeniedError replaced by AccessDenied, from the new storage api.
author Bruno Martin <bruno@hacklab.com.br>
date Sat, 29 Oct 2011 02:14:29 -0200
parents 9fd0a6a988bb
children 0e285910600d 64e6be47c4f6
files MoinMoin/apps/frontend/views.py MoinMoin/items/__init__.py MoinMoin/macro/RandomItem.py MoinMoin/storage/error.py
diffstat 4 files changed, 35 insertions(+), 48 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/apps/frontend/views.py	Sat Oct 29 01:43:06 2011 -0200
+++ b/MoinMoin/apps/frontend/views.py	Sat Oct 29 02:14:29 2011 -0200
@@ -56,8 +56,9 @@
 from MoinMoin.util import crypto
 from MoinMoin.util.interwiki import url_for_item
 from MoinMoin.security.textcha import TextCha, TextChaizedForm, TextChaValid
-from MoinMoin.storage.error import NoSuchItemError, NoSuchRevisionError, AccessDeniedError
+from MoinMoin.storage.error import NoSuchItemError, NoSuchRevisionError
 from MoinMoin.signalling import item_displayed, item_modified
+from MoinMoin.storage.middleware.protecting import AccessDenied
 
 
 @frontend.route('/+dispatch', methods=['GET', ])
@@ -197,7 +198,7 @@
                         item_name=item_name)
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     show_revision = rev != CURRENT
     show_navigation = False # TODO
@@ -230,7 +231,7 @@
 def show_dom(item_name, rev):
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         status = 404
@@ -258,7 +259,7 @@
 def highlight_item(item_name, rev):
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -274,7 +275,7 @@
     flaskg.user.addTrail(item_name)
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -311,7 +312,7 @@
                         item_name=item_name)
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -325,7 +326,7 @@
 def get_item(item_name, rev):
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     return item.do_get()
 
@@ -335,7 +336,7 @@
     try:
         item = Item.create(item_name, rev_id=rev)
         mimetype = request.values.get("mimetype")
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     return item.do_get(force_attachment=True, mimetype=mimetype)
 
@@ -353,7 +354,7 @@
     contenttype = request.values.get('contenttype')
     try:
         item = Item.create(item_name, rev_id=CURRENT)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     # We don't care about the name of the converted object
     # It should just be a name which does not exist.
@@ -361,7 +362,7 @@
     item_name_converted = item_name + 'converted'
     try:
         converted_item = Item.create(item_name_converted, contenttype=contenttype)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     return converted_item._convert(item.internal_representation())
 
@@ -378,7 +379,7 @@
     template_name = request.values.get('template')
     try:
         item = Item.create(item_name, contenttype=contenttype)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if not flaskg.user.may.write(item_name):
         abort(403)
@@ -420,7 +421,7 @@
 def revert_item(item_name, rev):
     try:
         item = Item.create(item_name, rev_id=rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -444,7 +445,7 @@
 def rename_item(item_name):
     try:
         item = Item.create(item_name)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -470,7 +471,7 @@
 def delete_item(item_name):
     try:
         item = Item.create(item_name)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -509,7 +510,7 @@
                 item = Item.create(itemname)
                 item.delete(comment)
                 response["status"].append(True)
-            except AccessDeniedError:
+            except AccessDenied:
                 response["status"].append(False)
 
     return jsonify(response)
@@ -534,7 +535,7 @@
                 item = Item.create(itemname)
                 item.destroy(comment=comment, destroy_item=True)
                 response["status"].append(True)
-            except AccessDeniedError:
+            except AccessDenied:
                 response["status"].append(False)
 
     return jsonify(response)
@@ -564,7 +565,7 @@
         destroy_item = False
     try:
         item = Item.create(item_name, rev_id=_rev)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     if isinstance(item, NonExistent):
         abort(404, item_name)
@@ -608,7 +609,7 @@
                        url=url_for('.show_item', item_name=item_name, rev=revid),
                        contenttype=contenttype_to_class(contenttype),
                       )
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
 
 
@@ -617,7 +618,7 @@
 def index(item_name):
     try:
         item = Item.create(item_name) # when item_name='', it gives toplevel index
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
 
     if request.method == 'GET':
@@ -1381,13 +1382,13 @@
 
 @frontend.route('/+diffraw/<path:item_name>')
 def diffraw(item_name):
-    # TODO get_item and get_revision calls may raise an AccessDeniedError.
+    # TODO get_item and get_revision calls may raise an AccessDenied.
     #      If this happens for get_item, don't show the diff at all
     #      If it happens for get_revision, we may just want to skip that rev in the list
     # TODO verify if it does crash when the item does not exist
     try:
         item = flaskg.storage.get_item(item_name)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     rev1 = request.values.get('rev1')
     rev2 = request.values.get('rev2')
@@ -1439,7 +1440,7 @@
 
     try:
         item = Item.create(item.name, contenttype=commonmt, rev_id=newrev.revid)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     rev_ids = [CURRENT]  # XXX TODO we need a reverse sorted list
     return render_template(item.diff_template,
@@ -1459,7 +1460,7 @@
 
     try:
         item = Item.create(item.name, contenttype=commonmt, rev_id=newrev.revid)
-    except AccessDeniedError:
+    except AccessDenied:
         abort(403)
     return item._render_data_diff_raw(oldrev, newrev)
 
@@ -1642,7 +1643,7 @@
         # does not recurse
         try:
             item = flaskg.storage[name]
-        except AccessDeniedError:
+        except AccessDenied:
             return []
         rev = item[CURRENT]
         itemlinks = rev.meta.get(ITEMLINKS, [])
--- a/MoinMoin/items/__init__.py	Sat Oct 29 01:43:06 2011 -0200
+++ b/MoinMoin/items/__init__.py	Sat Oct 29 02:14:29 2011 -0200
@@ -37,6 +37,7 @@
 from MoinMoin.util.tree import moin_page, html, xlink, docbook
 from MoinMoin.util.iri import Iri
 from MoinMoin.util.crypto import cache_key
+from MoinMoin.storage.middleware.protecting import AccessDenied
 
 try:
     import PIL
@@ -66,8 +67,7 @@
 from MoinMoin import wikiutil, config, user
 from MoinMoin.util.send_file import send_file
 from MoinMoin.util.interwiki import url_for_item
-from MoinMoin.storage.error import NoSuchItemError, NoSuchRevisionError, AccessDeniedError, \
-                                   StorageError
+from MoinMoin.storage.error import NoSuchItemError, NoSuchRevisionError, StorageError
 from MoinMoin.config import NAME, NAME_OLD, NAME_EXACT, WIKINAME, MTIME, REVERTED_TO, ACL, \
                             IS_SYSITEM, SYSITEM_VERSION,  USERGROUP, SOMEDICT, \
                             CONTENTTYPE, SIZE, LANGUAGE, ITEMLINKS, ITEMTRANSCLUSIONS, \
@@ -711,7 +711,7 @@
             if form.validate():
                 try:
                     self.modify() # XXX
-                except AccessDeniedError:
+                except AccessDenied:
                     abort(403)
                 else:
                     return redirect(url_for_item(self.name))
@@ -1166,7 +1166,7 @@
             if form.validate():
                 try:
                     self.modify() # XXX
-                except AccessDeniedError:
+                except AccessDenied:
                     abort(403)
                 else:
                     return redirect(url_for_item(self.name))
@@ -1324,7 +1324,7 @@
             # this POST comes directly from TWikiDraw (not from Browser), thus no validation
             try:
                 self.modify() # XXX
-            except AccessDeniedError:
+            except AccessDenied:
                 abort(403)
             else:
                 # TWikiDraw POSTs more than once, redirecting would break them
@@ -1414,7 +1414,7 @@
             # this POST comes directly from AnyWikiDraw (not from Browser), thus no validation
             try:
                 self.modify() # XXX
-            except AccessDeniedError:
+            except AccessDenied:
                 abort(403)
             else:
                 # AnyWikiDraw POSTs more than once, redirecting would break them
@@ -1500,7 +1500,7 @@
             # this POST comes directly from SvgDraw (not from Browser), thus no validation
             try:
                 self.modify() # XXX
-            except AccessDeniedError:
+            except AccessDenied:
                 abort(403)
             else:
                 # SvgDraw POSTs more than once, redirecting would break them
--- a/MoinMoin/macro/RandomItem.py	Sat Oct 29 01:43:06 2011 -0200
+++ b/MoinMoin/macro/RandomItem.py	Sat Oct 29 02:14:29 2011 -0200
@@ -16,8 +16,9 @@
 
 from MoinMoin.util.iri import Iri
 from MoinMoin.util.tree import moin_page, xlink
-from MoinMoin.items import Item, AccessDeniedError
+from MoinMoin.items import Item
 from MoinMoin.macro._base import MacroInlineBase
+from MoinMoin.storage.middleware.protecting import AccessDenied
 
 
 class Macro(MacroInlineBase):
@@ -43,7 +44,7 @@
                 item = Item.create(item_name)
                 random_item_names.append(item_name)
                 found += 1
-            except AccessDeniedError:
+            except AccessDenied:
                 pass
 
         if not random_item_names:
--- a/MoinMoin/storage/error.py	Sat Oct 29 01:43:06 2011 -0200
+++ b/MoinMoin/storage/error.py	Sat Oct 29 02:14:29 2011 -0200
@@ -33,21 +33,6 @@
     """
     pass
 
-class AccessDeniedError(AccessError):
-    """
-    Raised if the required rights are not available to perform the action.
-    """
-    def __init__(self, username=None, priv=None, item=None):
-        if None in (username, priv, item):
-            message = _("Permission denied!")
-        else:
-            username = username or L_("You")
-            message = _("%(username)s may not %(priv)s '%(item)s'.",
-                        username=username, priv=_(priv), item=item)
-            # XXX add _('...') for all privs elsewhere for extraction
-
-        AccessError.__init__(self, message)
-
 class LockingError(AccessError):
     """
     Raised if the action could not be commited because the Item is locked