Message3643
In simplified form, Roundup's logic for processing an HTTP request
looks like this:
try:
self.renderContext()
except SendFile, f:
self.serve_file(f)
except Unauthorised:
self.generate_error_message()
The idea is that the main renderContext raises a "SendFile" exception
to indicate that instead of generating normal output a file should be
sent back. And, renderContext may raise Unauthorised to indicate that
the user is not allowed to view the page.
The problem is that serve_file checks whether the file it's about to
serve is viewable -- and, if not, raises Unauthorised. That exception
is then not caught, and the user just gets an error, instead of the
tracker homepage with a useful error message.
With some (slight) reorganization of the relevant code, this can be
fixed. I'm working on a patch now. |
|
Date |
User |
Action |
Args |
2009-03-13 17:43:03 | stefan | set | messageid: <1236966183.83.0.282287140807.issue2550528@psf.upfronthosting.co.za> |
2009-03-13 17:43:03 | stefan | set | recipients:
+ stefan, richard |
2009-03-13 17:43:03 | stefan | link | issue2550528 messages |
2009-03-13 17:43:02 | stefan | create | |
|