heckyel/mediagoblin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Convert return HttpException to raise HttpException

Browse Source 
controllers (view function) raise HttpException's and do not return them.

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
This commit is contained in:
Sebastian Spaeth 2012-12-23 11:58:51 +01:00
parent 785b287fcb
commit cfa922295e
6 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
mediagoblin/admin/views.py
View File

@ -14,10 +14,11 @@
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from werkzeug.exceptions import Forbidden
from mediagoblin.db.util import DESCENDING
from mediagoblin.decorators import require_active_login
from mediagoblin.tools.response import (render_to_response, render_403,
render_404)
from mediagoblin.tools.response import render_to_response
@require_active_login
def admin_processing_panel(request):
@ -26,7 +27,7 @@ def admin_processing_panel(request):
'''
# TODO: Why not a "require_admin_login" decorator throwing a 403 exception?
if not request.user.is_admin:
return render_403(request)
raise Forbidden()
processing_entries = request.db.MediaEntry.find(
{'state': u'processing'}).sort('created', DESCENDING)

4
mediagoblin/decorators.py
View File

@ -74,7 +74,7 @@ def user_may_delete_media(controller):
{'id': ObjectId(request.matchdict['media'])}).uploader
if not (request.user.is_admin or
request.user.id == uploader_id):
return Forbidden()
raise Forbidden()
return controller(request, *args, **kwargs)
@ -91,7 +91,7 @@ def user_may_alter_collection(controller):
{'username': request.matchdict['user']}).id
if not (request.user.is_admin or
request.user.id == creator_id):
return Forbidden()
raise Forbidden()
return controller(request, *args, **kwargs)

4
mediagoblin/edit/views.py
View File

@ -41,7 +41,7 @@ import mimetypes
@require_active_login
def edit_media(request, media):
if not may_edit_media(request, media):
return Forbidden("User may not edit this media")
raise Forbidden("User may not edit this media")
defaults = dict(
title=media.title,
@ -165,7 +165,7 @@ def edit_attachments(request, media):
{'media': media,
'form': form})
else:
return Forbidden("Attachments are disabled")
raise Forbidden("Attachments are disabled")
@require_active_login

4
mediagoblin/meddleware/csrf.py
View File

@ -130,7 +130,7 @@ class CsrfMeddleware(BaseMeddleware):
# the CSRF cookie must be present in the request
errstr = 'CSRF cookie not present'
_log.error(errstr)
return Forbidden(errstr)
raise Forbidden(errstr)
# get the form token and confirm it matches
form = CsrfForm(request.form)
@ -145,4 +145,4 @@ class CsrfMeddleware(BaseMeddleware):
# present; either way, the request is denied
errstr = 'CSRF validation failed'
_log.error(errstr)
return Forbidden(errstr)
raise Forbidden(errstr)

4
mediagoblin/plugins/api/tools.py
View File

@ -142,7 +142,7 @@ def api_auth(controller):
# If we can't find any authentication methods, we should not let them
# pass.
if not auth_candidates:
return Forbidden()
raise Forbidden()
# For now, just select the first one in the list
auth = auth_candidates[0]
@ -156,7 +156,7 @@ def api_auth(controller):
'status': 403,
'errors': auth.errors})
return Forbidden()
raise Forbidden()
return controller(request, *args, **kw)

6
mediagoblin/plugins/api/views.py
View File

@ -48,13 +48,13 @@ def post_entry(request):
if request.method != 'POST':
_log.debug('Must POST against post_entry')
return BadRequest()
raise BadRequest()
if not 'file' in request.files \
or not isinstance(request.files['file'], FileStorage) \
or not request.files['file'].stream:
_log.debug('File field not found')
return BadRequest()
raise BadRequest()
media_file = request.files['file']
@ -130,7 +130,7 @@ def post_entry(request):
@api_auth
def api_test(request):
if not request.user:
return Forbidden()
raise Forbidden()
user_data = {
'username': request.user.username,