# HG changeset patch
# User Julien Cristau <julien.cristau@logilab.fr>
# Date 1405678981 -7200
# Node ID 9b42e55e0686ae7f735afd537a8eaaeb64f6f7d4
# Parent  5b48dcc02be1404c938a8a82a88fe7c12048c3c0
[web] Fix expiry of anonymous sessions (closes #4154479)

Things like:

  try:
    foo
  except:
    bar
  else:
    baz

doesn't work very well if you expect baz to run even in the exception
case.  Plus, session.cnx.check() is a dbapi remnant, so drop it and just
look at session.mtime.

diff -r 5b48dcc02be1 -r 9b42e55e0686 web/application.py
--- a/web/application.py	Wed Jul 16 17:20:55 2014 +0200
+++ b/web/application.py	Fri Jul 18 12:23:01 2014 +0200
@@ -34,7 +34,7 @@
 from cubicweb import (
     ValidationError, Unauthorized, Forbidden,
     AuthenticationError, NoSelectableObject,
-    BadConnectionId, CW_EVENT_MANAGER)
+    CW_EVENT_MANAGER)
 from cubicweb.repoapi import anonymous_cnx
 from cubicweb.web import LOGGER, component, cors
 from cubicweb.web import (
@@ -87,22 +87,15 @@
         closed, total = 0, 0
         for session in self.current_sessions():
             total += 1
-            try:
-                last_usage_time = session.cnx.check()
-            except AttributeError:
-                last_usage_time = session.mtime
-            except BadConnectionId:
+            last_usage_time = session.mtime
+            no_use_time = (time() - last_usage_time)
+            if session.anonymous_session:
+                if no_use_time >= self.cleanup_anon_session_time:
+                    self.close_session(session)
+                    closed += 1
+            elif session_time is not None and no_use_time >= session_time:
                 self.close_session(session)
                 closed += 1
-            else:
-                no_use_time = (time() - last_usage_time)
-                if session.anonymous_session:
-                    if no_use_time >= self.cleanup_anon_session_time:
-                        self.close_session(session)
-                        closed += 1
-                elif session_time is not None and no_use_time >= session_time:
-                    self.close_session(session)
-                    closed += 1
         return closed, total - closed
 
     def current_sessions(self):