Mercurial > p > roundup > code

annotate roundup/exceptions.py @ 4851:24b8011cd2dc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix XSS in issue2550817 Note that the code that triggers that particular bug is no longer in roundup core. But the change to the templates we suggest is a *lot* safer as it always escapes the error and ok messages now. If you are upgrading: you *MUST* read doc/upgrading.txt and do the necessary changes to your templates, the escaping now happens in the template and not in the roundup code. So if you don't make the necessary changes *you are vulnerable*.
author Ralf Schlatterbeck <rsc@runtux.com>
date Fri, 20 Dec 2013 18:24:10 +0100
parents bbab97f8ffb2
children 494d255043c9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
1 """Exceptions for use across all Roundup components.
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
2 """
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
3
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4 __docformat__ = 'restructuredtext'
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
5
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
6 class LoginError(Exception):
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
7 pass
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
8
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
9 class Unauthorised(Exception):
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
10 pass
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
11
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
12 class Reject(Exception):
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
13 """An auditor may raise this exception when the current create or set
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
14 operation should be stopped.
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
15
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
16 It is up to the specific interface invoking the create or set to
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
17 handle this exception sanely. For example:
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
18
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
19 - mailgw will trap and ignore Reject for file attachments and messages
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
20 - cgi will trap and present the exception in a nice format
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 4066
diff changeset
21 """
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
22 pass
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
23
4066
042ace5ddb7c Move 'UsageError' definition from roundup.admin to roundup.exceptions.
Stefan Seefeld <stefan@seefeld.name>
parents: 2129
diff changeset
24 class UsageError(ValueError):
042ace5ddb7c Move 'UsageError' definition from roundup.admin to roundup.exceptions.
Stefan Seefeld <stefan@seefeld.name>
parents: 2129
diff changeset
25 pass
042ace5ddb7c Move 'UsageError' definition from roundup.admin to roundup.exceptions.
Stefan Seefeld <stefan@seefeld.name>
parents: 2129
diff changeset
26
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
27 # vim: set filetype=python ts=4 sw=4 et si
Roundup Issue Tracker: http://roundup-tracker.org/