--- a/web/application.py Tue May 25 11:51:48 2010 +0200
+++ b/web/application.py Wed May 26 12:33:48 2010 +0200
@@ -233,12 +233,15 @@
return session
def _update_last_login_time(self, req):
+ # XXX should properly detect missing permission / non writeable source
+ # and avoid "except (RepositoryError, Unauthorized)" below
+ if req.user.metainformation()['source']['adapter'] == 'ldapuser':
+ return
try:
req.execute('SET X last_login_time NOW WHERE X eid %(x)s',
{'x' : req.user.eid})
req.cnx.commit()
except (RepositoryError, Unauthorized):
- # ldap user are not writeable for instance
req.cnx.rollback()
except:
req.cnx.rollback()
@@ -379,6 +382,8 @@
controller = self.vreg['controllers'].select(ctrlid, req,
appli=self)
except NoSelectableObject:
+ if ctrlid == 'login':
+ raise Unauthorized(req._('log out first'))
raise Unauthorized(req._('not authorized'))
req.update_search_state()
result = controller.publish(rset=rset)