Skip to content

Commit

Permalink
Merge pull request #441 from davidemoro/fix-forbiddenslot
Browse files Browse the repository at this point in the history 
prevent raising HTTPForbidden exception during slots rendering
  • Loading branch information
@disko
disko committed Jun 24, 2015
2 parents b1ceae6 + 33b00ad commit 1904e1c
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 2 deletions.
2 changes: 1 addition & 1 deletion CHANGES.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ Change History
1.1.4 - unreleased
------------------

- No changes yet.
- Ignore HTTPForbidden exceptions during slot rendering

1.1.3 - 2015-06-17
------------------
Expand Down
16 changes: 16 additions & 0 deletions kotti/tests/test_util_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -282,6 +282,22 @@ def special(context, request):
api = self.make()
assert api.slots.right == [u"Hello world!"]

def test_assign_to_slot_forbidden(self, config, db_session,
events):
from kotti.views.slots import assign_slot
from pyramid.exceptions import HTTPForbidden

def special(context, request):
return Response(u"Hello world!")
assign_slot('special', 'right')

config.add_view(special, name='special', permission='admin')
# the slot rendering must not fail if a HTTPForbidden exception
api = self.make()
with patch('kotti.views.slots.render_view') as render_view:
render_view.side_effect = HTTPForbidden()
assert api.slots.right == []

def test_assign_slot_bad_name(self):
from kotti.views.slots import assign_slot

Expand Down
3 changes: 2 additions & 1 deletion kotti/views/slots.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,7 @@ def view(request, context):
import urllib

from pyramid.exceptions import PredicateMismatch
from pyramid.exceptions import HTTPForbidden
from pyramid.request import Request
from pyramid.view import render_view

Expand Down Expand Up @@ -77,7 +78,7 @@ def _render_view_on_slot_event(view_name, event, params):

try:
result = render_view(context, view_request, view_name)
except PredicateMismatch:
except (PredicateMismatch, HTTPForbidden):
return None
else:
return result.decode('utf-8')
Expand Down

0 comments on commit 1904e1c

Please sign in to comment.