Add 'return' after failed permission checks in search/editCSV actions.

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@2004 57a73879-2fb5-44c3-a270-3262357dd7e2

diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index 874796fb353d864a85afd311be79de0b7a502bcc..8990d860f56371719a27c4ef9a0cfbdfe6883126 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
@@ -1,4 +1,4 @@
-# $Id: client.py,v 1.146 2003-11-13 05:56:48 richard Exp $
+# $Id: client.py,v 1.147 2003-11-21 21:59:05 jlgijsbers Exp $
 
 __doc__ = """
 WWW request handler (also used in the stand-alone server).
@@ -1125,7 +1125,8 @@ You should then receive another email with the new password.
         # this is per-class only
         if not self.editCSVPermission():
             self.error_message.append(
-                _('You do not have permission to edit %s' %self.classname))
+                 _('You do not have permission to edit %s' %self.classname))
+            return
 
         # get the CSV module
         if rcsv.error:
@@ -1237,6 +1238,7 @@ You should then receive another email with the new password.
         if not self.searchPermission():
             self.error_message.append(
                 _('You do not have permission to search %s' %self.classname))
+            return
 
         # add a faked :filter form variable for each filtering prop
         props = self.db.classes[self.classname].getprops()