Nuxeo mailing list archives
[CPS-devel] assertViewable in main_template
Georges Racinet
gracinet at nuxeo.com
Thu Dec 7 12:19:14 CET 2006
On Dec 7, 2006, at 12:05 PM, Joachim Schmitz wrote:
> hi,
>
> in cpsskins_cps3/main_template.pt there is at the top:
>
> can_raise python:mtool.assertViewable(here);
>
> this raises the Unauthorized-exeception, if the user accesses an
> object which he is not allowed to see. what is intended here I
> assume, cause the enduser gets the Authentication box.
>
> What is the best way to catch this situation, and provide the user
> with not information at all.
The purpose is to make the redirection to login_form work for
anonymous users.
The exception would have been raised later anyway, but would be
catched by CPSSkins crash shield, and one'd get the blinking !!
instead of being redirected.
Apart from that, you have to design your application so that an
anthenticated user never gets a link he can't follow. Such a
situation qualifies as a bug of the content display layers. This is
true for all actions, for example. For catalog-based contents
listing, there's a dedicated index.
>
>
> --
> Mit freundlichen Grüßen Joachim Schmitz
> ......................................................................
> AixtraWare eK ..Joachim Schmitz ..www.aixtraware.de ..t: +49-2464-8851
> Hüsgenstr. 33a .....d-52457 Aldenhoven .............f: +49-2464-905163
>
>
> _______________________________________________
> cps-devel mailing list
> http://lists.nuxeo.com/mailman/listinfo/cps-devel
>
---------
Georges Racinet, Nuxeo SAS
Open Source Enterprise Content Management (ECM)
Web: http://www.nuxeo.com/ and http://www.nuxeo.org/ - Tel: +33 1 40
33 79 87
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.