Please send me a patch! :-)
On Oct 24, 5:52 pm, Hong-Khoan Quach <hongkhoanqu...@googlemail.com>
wrote:
> Hi,
>
> I think that is a good starting point for us. Massimo,
> if you and you other guys don't mind, we'd like to try to fix this bug.
> I already looked into the sourcecode and have an idea but I need to
> check this :) .
>
> Regards
>
> Hong-Khoan
>
> Am 24.10.2011 02:48, schrieb Robert Clark:
>
>
>
>
>
>
>
> > Hi Massimo
>
> > Here are the steps to reproduce this problem in web2py 1.99.2 (these
> > steps worked fine on 1.98.x versions)
>
> > 1) In web2py admin create "New simple application" called "foo"
>
> > 2) Add to db.py:
> > auth.settings.allow_basic_login = True
>
> > 3) Decorate call() with @auth.requires_login in default.py:
>
> > @auth.requires_login()
> > def call():
> > ...
>
> > 4) Add a simple XMLPRC method to default.py:
>
> > @service.xmlrpc
> > def multiply(a=1,b=1):
> > return dict(answer=int(a) * int(b))
>
> > 5) Register a user with email "bob.sm...@foo.com" password "snowball"
>
> > 6) From a python shell use ServerProxy to invoke the service
>
> >> from xmlrpclib import ServerProxy
> >> server =
> >> ServerProxy('http://bob.sm...@foo.com:snowball@localhost:8000/foo/default/call/xmlrpc',
> >> verbose=True)
> >> server.multiply(2, 2)
>
> > ...
> > reply: 'HTTP/1.1 303 SEE OTHER\r\n'
> > ...
>
> > Cheers,
> > Rob
>
> > On Oct 22, 2:59 am, Massimo Di Pierro <massimo.dipie...@gmail.com>
> > wrote:
> >> Can you provide an example to reproduce the problem?
>
> >> On Oct 21, 12:38 am,RobinMarshall<robin.d.marsh...@gmail.com>
> >> wrote:
>
> >>> Hi,
>
> >>> Just wanted to say that we found a bug in 1.99.2 when using XMLRPC
> >>> services with the @auth.requires_login decorator using basic
> >>> authentication.
>
> >>> It looks like some code was refactored out of requires_login into a
> >>> generic requires method which might be the cause of the problem.
>
> >>> A quick hack was to change the following code, but obviously that
> >>> won't work very well for people who aren't using basic authentication.
>
> >>> def is_logged_in(self):
> >>> """
> >>> checks if the user is logged in and returns True/False.
> >>> if so user is in auth.user as well as in session.auth.user
> >>> """
> >>> if self.user:
> >>> return True
> >>> return False
>
> >>> to:
>
> >>> def is_logged_in(self):
> >>> """
> >>> checks if the user is logged in and returns True/False.
> >>> if so user is in auth.user as well as in session.auth.user
> >>> """
> >>> if self.basic() and self.user:
> >>> return True
> >>> return False
>
> >>> Cheers,
> >>> Robin
>
>
>
> signature.asc
> < 1KViewDownload
