diff --git a/src/python/dm/common/service/loginController.py b/src/python/dm/common/service/loginController.py
index fd87167d22d12d56c60218db06b05aebf4972e64..8226be02ac390397c798fd174b5d225132f63d34 100755
--- a/src/python/dm/common/service/loginController.py
+++ b/src/python/dm/common/service/loginController.py
@@ -170,19 +170,20 @@ class LoginController(DmController):
 raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', InvalidSession(errorMsg))
 username = sessionInfo.get(LoginController.SESSION_USERNAME_KEY)
+ if not username:
+ errorMsg = 'Invalid session id: %s (no username supplied).' % sessionId
+ logger.debug(errorMsg)
+ raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', InvalidSession(errorMsg))
+ cherrypy.session[LoginController.SESSION_ROLE_KEY] = sessionInfo[LoginController.SESSION_ROLE_KEY]
 logger.debug('Session id %s is valid (username: %s)' % (sessionId, username))
- if username:
- cherrypy.request.login = username
- for condition in conditions:
- # A condition is just a callable that returns true or false
- if not condition():
- logger.debug('Authorization check %s() failed for username %s' % (condition.func_name, username))
- errorMsg = 'Authorization check %s() failed for user %s.' % (condition.func_name, username)
- raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', AuthorizationError(errorMsg))
- else:
- logger.debug('Username is not supplied')
- raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', ex)
+ cherrypy.request.login = username
+ for condition in conditions:
+ # A condition is just a callable that returns true or false
+ if not condition():
+ logger.debug('Authorization check %s() failed for username %s' % (condition.func_name, username))
+ errorMsg = 'Authorization check %s() failed for user %s.' % (condition.func_name, username)
+ raise DmHttpError(dmHttpStatus.DM_HTTP_UNAUTHORIZED, 'User Not Authorized', AuthorizationError(errorMsg))
 @cherrypy.expose
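Review bot: The role lookup that follows the new username guard, `sessionInfo[LoginController.SESSION_ROLE_KEY]`, is still an unchecked index, so a session record with a username but no role raises KeyError rather than the 401 the guard gives for a missing username. Unless a handler outside this hunk maps that exception, it would surface as a server error. Reading it with `role = sessionInfo.get(LoginController.SESSION_ROLE_KEY)` and raising the same `InvalidSession` error when it is None keeps both fields on one rejection path. Separately, the new `errorMsg` puts the full session id into the debug log and into the exception text, which may reach the client; a session id is a bearer credential, so a short prefix or digest is safer there. The enclosing method starts and ends outside the hunk.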