server/querier.py
changeset 8867 6ad000b91347
parent 8748 f5027f8d2478
parent 8863 98c107bd6cd0
child 9167 c05652b108ce
--- a/server/querier.py	Thu Apr 04 17:45:09 2013 +0200
+++ b/server/querier.py	Mon Apr 08 14:45:10 2013 +0200
@@ -63,8 +63,9 @@
 def check_no_password_selected(rqlst):
     """check that Password entities are not selected"""
     for solution in rqlst.solutions:
-        if 'Password' in solution.itervalues():
-            raise Unauthorized('Password selection is not allowed')
+        for var, etype in solution.iteritems():
+            if etype == 'Password':
+                raise Unauthorized('Password selection is not allowed (%s)' % var)
 
 def term_etype(session, term, solution, args):
     """return the entity type for the given term (a VariableRef or a Constant