[okfn-help] CKAN try/except changes

John Bywater john.bywater at appropriatesoftware.net
Fri Feb 15 12:20:39 UTC 2008


Hi Rufus,

Just thought I should highlight the fact that in the package controller 
I've adjusted a few of the try/except clauses. These changes should 
probably be "code reviewed" fairly carefully by you, because I don't 
know for sure that there wasn't some alternative path of execution that 
you'd provided for, and that that I've overlooked.

My purpose is to remove from the controller explicit protection for 
"programmer errors", and to code the CKAN error conditions more 
specifically than "500 Server Error" (which should be handled not by the 
controller, but rather by the framework. If such error pages are 
required to look and feel like CKAN pages, that's a matter of fixing up 
the Pylons' ErrorDocuments object of course).

The only method I didn't fix up in this way so far is the 
_render_package() method. The method is called from two places, edit() 
and read().

The read() method is already adequately protected, because once the 
package is found ("404 Not Found" otherwise) any error will be a 
programming error, properly handled by the framework.

However, the edit() method passes data copied from the request 
parameters (indict), data which doesn't appear to be checked in any 
way(?). I would think this data could be checked quite strictly (key 
names and values types), invalid data resulting in an "400 Invalid 
Request", after which would can remove the try/except/500 complication.

http://project.knowledgeforge.net/ckan/trac/browser/ckan/trunk/ckan/controllers/package.py?rev=243#L66

Best wishes,

John.


-- 
Appropriate Software Foundation
Registered in England and Wales
17 Chapel Street, Hyde Cheshire
Company number: 04977110
W: appropriatesoftware.net
T: 0870 720 2944
M: 0781 139 2292






More information about the okfn-help mailing list