[Checkins] SVN: grokui.admin/trunk/src/grokui/admin/view.py Catch unauthenticaed principals on index and redirect them to login form.
Uli Fouquet
uli at gnufix.de
Fri Mar 6 05:57:27 EST 2009
Log message for revision 97558:
Catch unauthenticaed principals on index and redirect them to login form.
Changed:
U grokui.admin/trunk/src/grokui/admin/view.py
-=-
Modified: grokui.admin/trunk/src/grokui/admin/view.py
===================================================================
--- grokui.admin/trunk/src/grokui/admin/view.py 2009-03-06 10:52:46 UTC (rev 97557)
+++ grokui.admin/trunk/src/grokui/admin/view.py 2009-03-06 10:57:27 UTC (rev 97558)
@@ -56,6 +56,7 @@
from zope.app.security.interfaces import IUnauthenticatedPrincipal
from zope.exceptions import DuplicationError
from zope.proxy import removeAllProxies
+from zope.security.management import getInteraction
from zope.tal.taldefs import attrEscape
from ZODB.FileStorage.FileStorage import FileStorageError
@@ -404,12 +405,24 @@
class Index(GAIAView):
- """A redirector to the real frontpage."""
+ """A redirector to the real frontpage.
+ If a user is not authenticated, we redirect to the
+ login form. This avoids raising of Unauthorized exceptions, if
+ the debugger is used.
+ """
+
grok.name('index.html') # The root folder is not a grok.Model
- grok.require('grok.ManageApplications')
def update(self):
+ interaction = getInteraction()
+ if not interaction.checkPermission('grok.ManageApplications',
+ self.context):
+ # If the user is has no proper permissions we redirect to
+ # the login form, which pops up a basic-auth by default.
+ self.redirect(
+ 'login.html?nextURL=%s' % self.url())
+ return
apps = zope.component.getAllUtilitiesRegisteredFor(
grok.interfaces.IApplication)
self.applications = ("%s.%s" % (x.__module__, x.__name__)
More information about the Checkins
mailing list