[Checkins] SVN: Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/ - removed 'retry' and 'disable_cookie_login__' parameters

Yvo Schubbe y.2010 at wcm-solutions.de
Mon Jun 14 13:28:29 EDT 2010 

Log message for revision 113457:
  - removed 'retry' and 'disable_cookie_login__' parameters

Changed:
  U   Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/authentication.py
  U   Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/tests/authentication.txt

-=-
Modified: Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/authentication.py
===================================================================
--- Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/authentication.py	2010-06-14 16:04:13 UTC (rev 113456)
+++ Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/authentication.py	2010-06-14 17:28:29 UTC (rev 113457)
@@ -65,19 +65,10 @@
         except (AttributeError, ValueError):
             # re-raise the unhandled exception
             raise self.context
-        req = self.request
-        if req.get('disable_cookie_login__', 0):
-            # re-raise the unhandled exception
-            raise self.context
 
+        req = self.request
         attempt = getattr(req, '_cookie_auth', ATTEMPT_NONE)
-        if attempt == ATTEMPT_NONE:
-            # An anonymous user was denied access to something.
-            retry = ''
-        elif attempt == ATTEMPT_LOGIN:
-            # The login attempt failed.  Try again.
-            retry = '1'
-        else:
+        if attempt not in (ATTEMPT_NONE, ATTEMPT_LOGIN):
             # An authenticated user was denied access to something.
             # XXX: hack context to get the right @@standard_macros/page
             #      why do we get the wrong without this hack?
@@ -94,8 +85,7 @@
                 if not query.startswith('?'):
                     query = '?' + query
                 came_from = came_from + query
-        url = '%s?came_from=%s&retry=%s&disable_cookie_login__=1' % (
-            target, quote(came_from), retry)
+        url = '%s?came_from=%s' % (target, quote(came_from))
         raise Redirect(url)
 
 

Modified: Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/tests/authentication.txt
===================================================================
--- Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/tests/authentication.txt	2010-06-14 16:04:13 UTC (rev 113456)
+++ Products.CMFDefault/branches/cookiecrumbler_with_views/Products/CMFDefault/browser/tests/authentication.txt	2010-06-14 17:28:29 UTC (rev 113457)
@@ -29,7 +29,7 @@
     >>> browser.contents
     ''
     >>> browser.headers['Location']
-    'http://localhost/site/login_form?came_from=http%3A//localhost/site/reconfig_form&retry=&disable_cookie_login__=1'
+    'http://localhost/site/login_form?came_from=http%3A//localhost/site/reconfig_form'
 
 And it works if raised by BaseRequest.traverse (here caused by manage_main).
 
@@ -40,7 +40,7 @@
     >>> browser.contents
     ''
     >>> browser.headers['Location']
-    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main&retry=&disable_cookie_login__=1'
+    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main'
 
 Same redirect with a query string. The query string is preserved.
 
@@ -51,7 +51,7 @@
     >>> browser.contents
     ''
     >>> browser.headers['Location']
-    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main%3Fa%3Aint%3D1%26x%3Astring%3Dy&retry=&disable_cookie_login__=1'
+    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main%3Fa%3Aint%3D1%26x%3Astring%3Dy'
     >>> quote('manage_main?a:int=1&x:string=y') in browser.headers['Location']
     True
 
@@ -65,17 +65,8 @@
     >>> browser.contents
     ''
     >>> browser.headers['Location']
-    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main&retry=1&disable_cookie_login__=1'
+    'http://localhost/site/login_form?came_from=http%3A//localhost/site/manage_main'
 
-But requests with 'disable_cookie_login__=1' are not redirected.
-
-    >>> browser.open('http://localhost/site/manage_main?disable_cookie_login__=1')
-    Traceback (most recent call last):
-    ...
-    HTTPError: HTTP Error 401: Unauthorized
-    >>> browser.contents
-    '<strong>You are not authorized to access this resource.</strong>'
-
 The view for zExceptions.Unauthorized shows a Forbidden error if logged in.
 
     >>> browser.cookies['__ac'] = '%s' % mbr_credentials

More information about the checkins mailing list