diff --git a/ZScoDoc.py b/ZScoDoc.py index 3a2d328b..56204368 100644 --- a/ZScoDoc.py +++ b/ZScoDoc.py @@ -186,7 +186,7 @@ class ZScoDoc(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Imp except: log("adding getAuthFailedMessage to Zope install") parent = self.aq_parent - from OFS.DTMLMethod import addDTMLMethod + from OFS.DTMLMethod import addDTMLMethod # pylint: disable=import-error addDTMLMethod(parent, "getAuthFailedMessage", file="Identification") @@ -661,15 +661,13 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa def standard_error_message( self, error_value=None, - error_message=None, + error_message=None, # unused ? error_type=None, error_traceback=None, error_tb=None, **kv ): "Recuperation des exceptions Zope" - sco_exc_mail = scu.SCO_EXC_MAIL - sco_dev_mail = scu.SCO_DEV_MAIL # neat (or should I say dirty ?) hack to get REQUEST # in fact, our caller (probably SimpleItem.py) has the REQUEST variable # that we'd like to use for our logs, but does not pass it as an argument. @@ -682,9 +680,6 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa # Authentication uses exceptions, pass them up HTTP_X_FORWARDED_FOR = REQUEST.get("HTTP_X_FORWARDED_FOR", "") if error_type == "LoginRequired": - # raise 'LoginRequired', '' # copied from exuserFolder (beurk, old style exception...) - # if REQUEST: - # REQUEST.response.setStatus( 401, "Unauthorized") # ?????? log("LoginRequired from %s" % HTTP_X_FORWARDED_FOR) self.login_page = error_value return error_value @@ -695,6 +690,14 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa log("exception caught: %s" % error_type) log(traceback.format_exc()) + params = { + "error_type": error_type, + "error_value": error_value, + "error_tb": error_tb, + "sco_exc_mail": scu.SCO_EXC_MAIL, + "sco_dev_mail": scu.SCO_DEV_MAIL, + } + if error_type == "ScoGenError": return "

" + str(error_value) + "

" elif error_type in ("ScoValueError", "FormatError"): @@ -732,11 +735,11 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa

""" - % vars() + % params ) # display error traceback (? may open a security risk via xss attack ?) # log('exc B') - txt_html = self._report_request(REQUEST, fmt="html") + params["txt_html"] = self._report_request(REQUEST, fmt="html") H.append( """

Zope Traceback (à envoyer par mail à %(sco_dev_mail)s)

%(error_tb)s @@ -747,7 +750,7 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa

Merci de votre patience !

""" - % vars() + % params ) try: H.append(self.standard_html_footer(REQUEST)) @@ -756,14 +759,14 @@ Problème de connexion (identifiant, mot de passe): contacter votre responsa pass # --- Mail: - error_traceback_txt = scu.scodoc_html2txt(error_tb) + params["error_traceback_txt"] = scu.scodoc_html2txt(error_tb) txt = ( """ ErrorType: %(error_type)s %(error_traceback_txt)s """ - % vars() + % params ) self.send_debug_alert(txt, REQUEST=REQUEST) @@ -774,25 +777,29 @@ ErrorType: %(error_type)s def _report_request(self, REQUEST, fmt="txt"): """string describing current request for bug reports""" - AUTHENTICATED_USER = REQUEST.get("AUTHENTICATED_USER", "") - dt = time.asctime() - URL = REQUEST.get("URL", "") QUERY_STRING = REQUEST.get("QUERY_STRING", "") if QUERY_STRING: QUERY_STRING = "?" + QUERY_STRING - METHOD = REQUEST.get("REQUEST_METHOD", "") - if fmt == "txt": REFERER = REQUEST.get("HTTP_REFERER", "") HTTP_USER_AGENT = REQUEST.get("HTTP_USER_AGENT", "") else: REFERER = "na" HTTP_USER_AGENT = "na" - form = REQUEST.get("form", "") - HTTP_X_FORWARDED_FOR = REQUEST.get("HTTP_X_FORWARDED_FOR", "") - svn_version = scu.get_svn_version(self.file_path) - SCOVERSION = VERSION.SCOVERSION + params = dict( + AUTHENTICATED_USER=REQUEST.get("AUTHENTICATED_USER", ""), + dt=time.asctime(), + URL=REQUEST.get("URL", ""), + QUERY_STRING=QUERY_STRING, + METHOD=REQUEST.get("REQUEST_METHOD", ""), + REFERER=REFERER, + HTTP_USER_AGENT=HTTP_USER_AGENT, + form=REQUEST.get("form", ""), + HTTP_X_FORWARDED_FOR=REQUEST.get("HTTP_X_FORWARDED_FOR", ""), + svn_version=scu.get_svn_version(self.file_path), + SCOVERSION=VERSION.SCOVERSION, + ) txt = ( """ Version: %(SCOVERSION)s @@ -808,7 +815,7 @@ Agent: %(HTTP_USER_AGENT)s subversion: %(svn_version)s """ - % vars() + % params ) if fmt == "html": txt = txt.replace("\n", "
")