openstack
/
horizon
Code Issues Proposed changes
horizon/horizon
History
Jacek Tomasiak 486cb6ac8e Authenticate before Authorization 
When user is not logged in and given Dashboard has some `permissions`
defined, `require_perms` decorator was raising `NotAuthorized('You are
not authorized to access %s')` instead of `NotAuthenticated('Please log
in to continue.')`.
This was caused by the order of decorating the views. The decorator
which is applied last is called first in the chain as it wraps the
decorators which were applied before.
This means that to check for authentication before checking permissions
we need to apply the `require_auth` decorator after `require_perms`.

Closes-Bug: 1869708
Change-Id: I94d3fa5c1472bb72c9111cab14c6e05180f88589
(cherry picked from commit e4fd69292c)
 		2020-04-01 10:14:49 +00:00
..
browsers Fix CSRF error on Images dashboard 2019-03-18 19:03:40 +02:00
conf Fix startdash and startpanel management commands 2018-10-29 04:02:16 +09:00
contrib Fix H405 (multi line docstring) warnings (horizon) 2017-06-09 16:04:57 +00:00
forms Correctly set content-type for workflow response 2019-05-16 07:55:52 +00:00
hacking Eliminate mutable default arguments 2015-12-17 09:58:46 +00:00
locale Imported Translations from Zanata 2019-12-20 08:43:36 +00:00
management pylint: fix trailing-comma-tuple warning 2019-01-16 13:06:55 +09:00
middleware pylint: fix len-as-condition warning 2019-01-16 12:56:20 +09:00
static Avoid forced logout when 403 error encountered 2019-09-03 20:41:13 +00:00
tables Fix policy function check error 2019-03-01 14:21:07 -07:00
tabs pylint: fix unnecessary-pass warning 2019-01-16 13:10:16 +09:00
templates UT: Detect template rendering errors 2019-01-31 21:29:33 +09:00
templatetags Fix osprofiler support in horizon 2019-01-31 14:06:45 +01:00
test Complete angular translation extract pattern 2019-04-14 16:07:24 +00:00
utils Complete angular translation extract pattern 2019-04-14 16:07:24 +00:00
workflows GUI hangs on creation of project in User creation form 2019-12-17 02:37:00 +00:00
__init__.py Revert "Enable to refresh ngdetails view" 2017-08-02 18:31:22 +00:00
base.py Authenticate before Authorization 2020-04-01 10:14:49 +00:00
context_processors.py Remove extraneous vim configuration comments 2014-05-06 15:30:10 +08:00
decorators.py django2: is_authenticated/is_anonymous is now property only 2018-02-17 01:36:54 +09:00
exceptions.py pylint: Ignore existing misplaced-bare-raise error 2019-01-17 00:51:04 +09:00
karma.conf.js Move to '404' page when resource type or resource not found 2018-08-28 14:15:02 +09:00
loaders.py pylint: fix several coding convention violations 2019-01-17 00:05:27 +09:00
messages.py hacking: noqa cleanup in horizon 2017-03-17 19:38:47 +00:00
notifications.py pylint: fix simplifiable-if-statement/expression 2019-01-16 13:08:08 +09:00
site_urls.py Decorate Javascript i18n with a last_modified header 2019-01-06 17:20:45 +01:00
themes.py pylint: fix several coding convention violations 2019-01-17 00:05:27 +09:00
version.py Remove extraneous vim configuration comments 2014-05-06 15:30:10 +08:00
views.py flake8-import-order: Ensure to place project imports last 2017-09-20 01:19:38 +00:00