Changed getobject logic to log on failure and raise a meaningful exception...

Changed getobject logic to log on failure and raise a meaningful exception instead of raising unauthorized and causing a browser auth box to pop up.

Changed getobject logic to log on failure and raise a meaningful exception...
Changed getobject logic to log on failure and raise a meaningful exception instead of raising unauthorized and causing a browser auth box to pop up.
25911c3d · Chris McDonough · 0a4e64e8 · 25911c3d
Commit 25911c3d authored Feb 12, 2001 by Chris McDonough
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 2 deletions

lib/python/Products/ZCatalog/ZCatalog.py lib/python/Products/ZCatalog/ZCatalog.py +8 -2

No files found.
--- a/lib/python/Products/ZCatalog/ZCatalog.py
+++ b/lib/python/Products/ZCatalog/ZCatalog.py
@@ -103,6 +103,7 @@ from Vocabulary import Vocabulary
 import IOBTree
 from Shared.DC.ZRDB.TM import TM
 from AccessControl import getSecurityManager
+from zLOG import LOG, ERROR

 manage_addZCatalogForm=DTMLFile('dtml/addZCatalog',globals())

@@ -460,8 +461,13 @@ class ZCatalog(Folder, Persistent, Implicit):
                    REQUEST=self.REQUEST
                obj = self.aq_parent.resolve_url(self.getpath(rid), REQUEST)
            return obj
-        except:
-            pass
+        except 'Unauthorized':
+            user = getSecurityManager().getUser().getUserName()
+            LOG('ZCatalog', ERROR, ('User %s attempted to retrieve object '
+                                    'with record id %s using getobject.'
+                                    % (user, rid)))
+            raise ('Access to object with record id %s in Catalog denied: '
+                   'unauthorized as %s.' % (rid, user))

    def getMetadataForRID(self, rid):
        """return the correct metadata for the cataloged record id"""