summaryrefslogtreecommitdiffstats
path: root/py-bin
diff options
context:
space:
mode:
authoralice <alice@immerda.ch>2012-09-21 15:03:58 +0200
committeralice <alice@immerda.ch>2012-10-19 15:20:07 +0200
commit0c064e1e3c5778670e66b085afd2e070221fabd4 (patch)
treee201c6d274d7b327fd3ceb44df28d50b389e1693 /py-bin
parent6eed48cbb37ae544e8ba425d15648f5f4f4cde84 (diff)
better error handling for access-denied case
Diffstat (limited to 'py-bin')
-rw-r--r--py-bin/jabberman.py14
-rw-r--r--py-bin/setup.py12
2 files changed, 16 insertions, 10 deletions
diff --git a/py-bin/jabberman.py b/py-bin/jabberman.py
index 90d019a..42b305b 100644
--- a/py-bin/jabberman.py
+++ b/py-bin/jabberman.py
@@ -307,15 +307,15 @@ class JabberManager:
user_id = self.current_user.email
ok, status = self.jadb.change_jid_password(user_id, jid, password)
- if jid == self.current_user.get_primary_jid():
- if ok:
+ if ok:
+ if jid == self.current_user.get_primary_jid():
self.__set_session(user_id, password = password)
- else:
+ return (True, "Passwort erfolgreich geaendert.")
+ else:
+ if jid == self.current_user.get_primary_jid():
self.__clear_session()
- return (False, status)
-
- return (True, "Passwort erfolgreich geaendert.")
-
+ return (False, status)
+
def is_acceptable_password(self, password, password2):
if password != password2:
return (False, "Passwoerter nicht identisch.")
diff --git a/py-bin/setup.py b/py-bin/setup.py
index a188a9b..d14bbd7 100644
--- a/py-bin/setup.py
+++ b/py-bin/setup.py
@@ -41,12 +41,18 @@ class SetupMixIn:
ok, status = self.jman.is_acceptable_password(password, password2)
if not ok:
- url = self.make_url([("cmd","set_pw_form"), ("error", status)])
+ url = self.make_url([("cmd","set_pw_form"), ("account", jid), ("error", status)])
self.redirect_to(req, url)
return
- self.jman.change_password(jid, password)
- self.__redirect_to_main(req)
+ ok, status = self.jman.change_password(jid, password)
+ if ok:
+ self.__redirect_to_main(req)
+ return
+ else:
+ url = self.make_url([("cmd","set_pw_form"), ("account", jid), ("error", status)])
+ self.redirect_to(req, url)
+ return
set_pw_process.web_callable = True
def add_account_form(self, req):