openstack/deb-murano
Code Issues Proposed changes

Resolved MRN-704

Browse Source 
Return 403 Error Code when no session is provided for calls
that require session.

Change-Id: I0569c3a476656414e8e95400de5f2ea624d0f31f
This commit is contained in:
Serg Melikyan 2013-08-07 11:34:31 +04:00
parent 0b0b09cf4e
commit a676abf995
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
muranoapi/utils.py
View File

@ -25,7 +25,7 @@ log = logging.getLogger(__name__)
def verify_session(func): def verify_session(func):
@functools.wraps(func) @functools.wraps(func)
def __inner(self, request, *args, **kwargs): def __inner(self, request, *args, **kwargs):
if not hasattr(request, 'context') and not request.context.session: if hasattr(request, 'context') and not request.context.session:
log.info('Session is required for this call') log.info('Session is required for this call')
raise exc.HTTPForbidden() raise exc.HTTPForbidden()
@ -34,6 +34,10 @@ def verify_session(func):
unit = get_session() unit = get_session()
session = unit.query(Session).get(session_id) session = unit.query(Session).get(session_id)
if session is None:
log.info('Session <SessionId {0}> is not found'.format(session_id))
raise exc.HTTPForbidden()
if not SessionServices.validate(session): if not SessionServices.validate(session):
log.info('Session <SessionId {0}> is invalid'.format(session_id)) log.info('Session <SessionId {0}> is invalid'.format(session_id))
raise exc.HTTPForbidden() raise exc.HTTPForbidden()