From: Sebastian Spaeth Date: Sun, 23 Dec 2012 10:58:51 +0000 (+0100) Subject: Convert return HttpException to raise HttpException X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=cfa922295e5ddfaab336a3c2c0403422f77758b6;p=mediagoblin.git Convert return HttpException to raise HttpException controllers (view function) raise HttpException's and do not return them. Signed-off-by: Sebastian Spaeth --- diff --git a/mediagoblin/admin/views.py b/mediagoblin/admin/views.py index 9c14c55c..d0665151 100644 --- a/mediagoblin/admin/views.py +++ b/mediagoblin/admin/views.py @@ -14,10 +14,11 @@ # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . +from werkzeug.exceptions import Forbidden + from mediagoblin.db.util import DESCENDING from mediagoblin.decorators import require_active_login -from mediagoblin.tools.response import (render_to_response, render_403, - render_404) +from mediagoblin.tools.response import render_to_response @require_active_login def admin_processing_panel(request): @@ -26,7 +27,7 @@ def admin_processing_panel(request): ''' # TODO: Why not a "require_admin_login" decorator throwing a 403 exception? if not request.user.is_admin: - return render_403(request) + raise Forbidden() processing_entries = request.db.MediaEntry.find( {'state': u'processing'}).sort('created', DESCENDING) diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py index e45d3272..0903dd41 100644 --- a/mediagoblin/decorators.py +++ b/mediagoblin/decorators.py @@ -74,7 +74,7 @@ def user_may_delete_media(controller): {'id': ObjectId(request.matchdict['media'])}).uploader if not (request.user.is_admin or request.user.id == uploader_id): - return Forbidden() + raise Forbidden() return controller(request, *args, **kwargs) @@ -91,7 +91,7 @@ def user_may_alter_collection(controller): {'username': request.matchdict['user']}).id if not (request.user.is_admin or request.user.id == creator_id): - return Forbidden() + raise Forbidden() return controller(request, *args, **kwargs) diff --git a/mediagoblin/edit/views.py b/mediagoblin/edit/views.py index 8840f36f..9de034bb 100644 --- a/mediagoblin/edit/views.py +++ b/mediagoblin/edit/views.py @@ -41,7 +41,7 @@ import mimetypes @require_active_login def edit_media(request, media): if not may_edit_media(request, media): - return Forbidden("User may not edit this media") + raise Forbidden("User may not edit this media") defaults = dict( title=media.title, @@ -165,7 +165,7 @@ def edit_attachments(request, media): {'media': media, 'form': form}) else: - return Forbidden("Attachments are disabled") + raise Forbidden("Attachments are disabled") @require_active_login diff --git a/mediagoblin/meddleware/csrf.py b/mediagoblin/meddleware/csrf.py index 65db9827..2984ebb9 100644 --- a/mediagoblin/meddleware/csrf.py +++ b/mediagoblin/meddleware/csrf.py @@ -130,7 +130,7 @@ class CsrfMeddleware(BaseMeddleware): # the CSRF cookie must be present in the request errstr = 'CSRF cookie not present' _log.error(errstr) - return Forbidden(errstr) + raise Forbidden(errstr) # get the form token and confirm it matches form = CsrfForm(request.form) @@ -145,4 +145,4 @@ class CsrfMeddleware(BaseMeddleware): # present; either way, the request is denied errstr = 'CSRF validation failed' _log.error(errstr) - return Forbidden(errstr) + raise Forbidden(errstr) diff --git a/mediagoblin/plugins/api/tools.py b/mediagoblin/plugins/api/tools.py index 0ef91127..03f528ce 100644 --- a/mediagoblin/plugins/api/tools.py +++ b/mediagoblin/plugins/api/tools.py @@ -142,7 +142,7 @@ def api_auth(controller): # If we can't find any authentication methods, we should not let them # pass. if not auth_candidates: - return Forbidden() + raise Forbidden() # For now, just select the first one in the list auth = auth_candidates[0] @@ -156,7 +156,7 @@ def api_auth(controller): 'status': 403, 'errors': auth.errors}) - return Forbidden() + raise Forbidden() return controller(request, *args, **kw) diff --git a/mediagoblin/plugins/api/views.py b/mediagoblin/plugins/api/views.py index 8e02d7bd..3d9437e0 100644 --- a/mediagoblin/plugins/api/views.py +++ b/mediagoblin/plugins/api/views.py @@ -48,13 +48,13 @@ def post_entry(request): if request.method != 'POST': _log.debug('Must POST against post_entry') - return BadRequest() + raise BadRequest() if not 'file' in request.files \ or not isinstance(request.files['file'], FileStorage) \ or not request.files['file'].stream: _log.debug('File field not found') - return BadRequest() + raise BadRequest() media_file = request.files['file'] @@ -130,7 +130,7 @@ def post_entry(request): @api_auth def api_test(request): if not request.user: - return Forbidden() + raise Forbidden() user_data = { 'username': request.user.username,