[Zope3-checkins] CVS: Zope3/src/zope/app/browser/exception - unauthorized.py:1.2 unauthorized.pt:1.2

Jim Fulton jim@zope.com
Thu, 6 Mar 2003 17:42:08 -0500 

Update of /cvs-repository/Zope3/src/zope/app/browser/exception
In directory cvs.zope.org:/tmp/cvs-serv15128

Modified Files:
	unauthorized.py unauthorized.pt 
Log Message:
- Removed the traceback from the output.
  User errors should not include tracebacks.
  The programmer can get tracebacks in the error logging service.

- Moved the issue warning call to the top of the template.
  This is important so we make sure we don't miss the ability
  to authenticate due to template rendering errors.

- Added logic to set the error status to 403 (Forbidden) in the case
  when we don't challenge the user.



=== Zope3/src/zope/app/browser/exception/unauthorized.py 1.1 => 1.2 ===
--- Zope3/src/zope/app/browser/exception/unauthorized.py:1.1	Wed Feb  5 06:34:53 2003
+++ Zope3/src/zope/app/browser/exception/unauthorized.py	Thu Mar  6 17:41:37 2003
@@ -27,15 +27,9 @@
         self.context = context
         self.request = request
 
-        t, v, tb = sys.exc_info()
-        try:
-            self.traceback = ''.join(format_exception(t, v, tb, as_html=1))
-        finally:
-            tb = None
-
     def issueChallenge(self):
+        self.request.response.setStatus(403)
         principal = self.request.user
         prinreg = getParent(principal)
         assert IAuthenticationService.isImplementedBy(prinreg)
         prinreg.unauthorized(principal.getId(), self.request)
-


=== Zope3/src/zope/app/browser/exception/unauthorized.pt 1.1 => 1.2 ===
--- Zope3/src/zope/app/browser/exception/unauthorized.pt:1.1	Wed Feb  5 06:34:53 2003
+++ Zope3/src/zope/app/browser/exception/unauthorized.pt	Thu Mar  6 17:41:37 2003
@@ -1,8 +1,13 @@
-<html>
+<tal:Make_sure_we_process_the_authorization_chalenge_first
+  condition="view/issueChallenge"
+/><html metal:use-macro="context/@@standard_macros/dialog">
 <body>
-<tal:tag condition="view/issueChallenge" />
+
+<div metal:fill-slot="body">
+
 <h1>Unauthorized</h1>
-<p>You're not allowed in here. Here's a traceback.</p>
-<tal:tag replace="structure view/traceback" />
+<p>You're not allowed in here.</p>
+
+</div>
 </body>
 </html>