1 new commit in galaxy-central: https://bitbucket.org/galaxy/galaxy-central/commits/e75441f1e264/ Changeset: e75441f1e264 User: carlfeberhard Date: 2015-02-03 17:47:02+00:00 Summary: Core, authentication: set status code of trans._authenticate_api errors to 403 in _future_expose_api, some readability changes Affected #: 1 file diff -r bcaffc4a0a61d3d803cee45435548d0db0e59e54 -r e75441f1e264318e2004f27b3cc868f237f3b6d2 lib/galaxy/web/framework/decorators.py --- a/lib/galaxy/web/framework/decorators.py +++ b/lib/galaxy/web/framework/decorators.py @@ -202,19 +202,20 @@ """ @wraps(func) def decorator( self, trans, *args, **kwargs ): + # errors passed in from trans._authenicate_api if trans.error_message: - # TODO: Document this branch, when can this happen, - # I don't understand it. - return __api_error_response( trans, err_msg=trans.error_message ) + return __api_error_response( trans, status_code=403, err_code=error_codes.USER_NO_API_KEY, + err_msg=trans.error_message ) + if trans.anonymous: + # error if anon and user required + if user_required: + return __api_error_response( trans, status_code=403, err_code=error_codes.USER_NO_API_KEY, + err_msg="API authentication required for this request" ) + # error if anon and no session + if not trans.galaxy_session and user_or_session_required: + return __api_error_response( trans, status_code=403, err_code=error_codes.USER_NO_API_KEY, + err_msg="API authentication required for this request" ) - # error if user required and anon - # error if anon and no session - if ( ( trans.anonymous and user_required ) - or ( trans.anonymous and user_or_session_required and not trans.galaxy_session ) ): - error_code = error_codes.USER_NO_API_KEY - # Use error codes default error message. - err_msg = "API authentication required for this request" - return __api_error_response( trans, err_code=error_code, err_msg=err_msg, status_code=403 ) if trans.request.body: try: kwargs['payload'] = __extract_payload_from_request(trans, func, kwargs) Repository URL: https://bitbucket.org/galaxy/galaxy-central/ -- This is a commit notification from bitbucket.org. You are receiving this because you have the service enabled, addressing the recipient of this email.