Using different HTTP status codes in some cases where auth or rights are violated
parent
db708a0853
commit
0c4562c01d
@ -51,9 +51,18 @@ from . import auth, config, ical, log, rights, storage, xmlutils
|
||||
|
||||
VERSION = "git"
|
||||
|
||||
# Standard "not allowed" response
|
||||
# Standard "not allowed" response that is returned when an authenticated
|
||||
# user tries to access information they don't have rights to.
|
||||
NOT_ALLOWED = (
|
||||
client.FORBIDDEN,
|
||||
{},
|
||||
None)
|
||||
|
||||
# Standard "authenticate" response that is returned when a
|
||||
# user tries to access non-public information w/o submitting
|
||||
# proper authentication credentials
|
||||
WRONG_CREDENTIALS = (
|
||||
client.UNAUTHORIZED,
|
||||
{"WWW-Authenticate": "Basic realm=\"Radicale - Password Required\""},
|
||||
None)
|
||||
|
||||
@ -284,11 +293,7 @@ class Application(object):
|
||||
# Unknown or unauthorized user
|
||||
log.LOGGER.info(
|
||||
"%s refused" % (user or "Anonymous user"))
|
||||
status = client.UNAUTHORIZED
|
||||
headers = {
|
||||
"WWW-Authenticate":
|
||||
"Basic realm=\"Radicale Server - Password Required\""}
|
||||
answer = None
|
||||
status, headers, answer = WRONG_CREDENTIALS
|
||||
|
||||
# Set content length
|
||||
if answer:
|
||||
@ -310,7 +315,7 @@ class Application(object):
|
||||
def delete(self, environ, read_collections, write_collections, content, user):
|
||||
"""Manage DELETE request."""
|
||||
if not len(write_collections):
|
||||
return NOT_ALLOWED
|
||||
return client.PRECONDITION_FAILED, {}, None
|
||||
|
||||
collection = write_collections[0]
|
||||
|
||||
|
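Review bot: In `delete`, the branch for an empty `write_collections` appears to return `client.PRECONDITION_FAILED, {}, None` on the new side, which reports a missing write right as a failed request precondition; the page prints both return lines without markers, so the side is inferred from the commit title. Clients and anyone reading access logs will take a 412 for an ETag/If-Match mismatch, so a rights denial becomes indistinguishable from a stale-resource conflict. The constants added in the first hunk already express the intended split, e.g. `return NOT_ALLOWED if user else WRONG_CREDENTIALS`, and if 412 is deliberate it deserves a comment on that line stating why. Separately, `NOT_ALLOWED` and `WRONG_CREDENTIALS` hold module-level dicts that `status, headers, answer = WRONG_CREDENTIALS` hands out by reference, so any in-place header addition after the `# Set content length` block would persist into later responses; `headers = dict(headers)` after unpacking avoids that. The bodies of `delete` and of the request handler continue outside the visible hunks.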