From e7501330865d7cbc8efddd057db1b5a4aa71137c Mon Sep 17 00:00:00 2001 From: richard Date: Tue, 24 Jun 2003 05:00:43 +0000 Subject: [PATCH] don't open the database for static files git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/trunk@1764 57a73879-2fb5-44c3-a270-3262357dd7e2 --- roundup/cgi/client.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py index 3c7e9f0..397c2fe 100644 --- a/roundup/cgi/client.py +++ b/roundup/cgi/client.py @@ -1,4 +1,4 @@ -# $Id: client.py,v 1.123 2003-06-24 04:16:35 richard Exp $ +# $Id: client.py,v 1.124 2003-06-24 05:00:43 richard Exp $ __doc__ = """ WWW request handler (also used in the stand-alone server). @@ -232,10 +232,15 @@ class Client: self.ok_message = [] self.error_message = [] try: - # make sure we're identified (even anonymously) - self.determine_user() # figure out the context and desired content template + # do this first so we don't authenticate for static files + # Note: this method opens the database as "admin" in order to + # perform context checks self.determine_context() + + # make sure we're identified (even anonymously) + self.determine_user() + # possibly handle a form submit action (may change self.classname # and self.template, and may also append error/ok_messages) self.handle_action() @@ -312,8 +317,6 @@ class Client: def determine_user(self): ''' Determine who the user is ''' - # determine the uid to use - self.opendb('admin') # clean age sessions self.clean_sessions() # make sure we have the session Class @@ -423,6 +426,9 @@ class Client: # send the file identified by the designator in path[0] raise SendFile, path[0] + # we need the db for further context stuff - open it as admin + self.opendb('admin') + # see if we got a designator m = dre.match(self.classname) if m: -- 2.30.2