Feed error messages through a cors wrapper so that people on other domains can see what's happening.

endpoints/api/prototype.py

@@ -1,8 +1,7 @@
 from flask import request
-from flask.ext.restful import abort
 
 from endpoints.api import (resource, nickname, ApiResource, validate_json_request, request_error,
-                           log_action)
+                           log_action, Unauthorized, NotFound)
 from auth.permissions import AdministerOrganizationPermission
 from auth.auth_context import get_authenticated_user
 from data import model
@@ -123,13 +122,13 @@ class PermissionPrototypeList(ApiResource):
       try:
         org = model.get_organization(orgname)
       except model.InvalidOrganizationException:
-        abort(404)
+        raise NotFound()
 
       permissions = model.get_prototype_permissions(org)
       org_members = model.get_organization_member_set(orgname)
       return {'prototypes': [prototype_view(p, org_members)  for p in permissions]}
       
-    abort(403)
+    raise Unauthorized()
 
   @nickname('createOrganizationPrototypePermission')
   @validate_json_request('NewPrototype')
@@ -140,7 +139,7 @@ class PermissionPrototypeList(ApiResource):
       try:
         org = model.get_organization(orgname)
       except model.InvalidOrganizationException:
-        abort(404)
+        raise NotFound()
 
       details = request.get_json()
       activating_username = None
@@ -162,10 +161,10 @@ class PermissionPrototypeList(ApiResource):
                        if delegate_teamname else None)
 
       if activating_username and not activating_user:
-        return request_error(message='Unknown activating user')
+        raise request_error(message='Unknown activating user')
 
       if not delegate_user and not delegate_team:
-        return request_error(message='Missing delegate user or team')
+        raise request_error(message='Missing delegate user or team')
 
       role_name = details['role']
 
@@ -175,7 +174,7 @@ class PermissionPrototypeList(ApiResource):
       org_members = model.get_organization_member_set(orgname)
       return prototype_view(prototype, org_members)
       
-    abort(403)
+    raise Unauthorized()
 
 
 @resource('/v1/organization/<orgname>/prototypes/<prototypeid>')
@@ -211,17 +210,17 @@ class PermissionPrototype(ApiResource):
       try:
         org = model.get_organization(orgname)
       except model.InvalidOrganizationException:
-        abort(404)
+        raise NotFound()
 
       prototype = model.delete_prototype_permission(org, prototypeid)
       if not prototype:
-        abort(404)
+        raise NotFound()
 
       log_prototype_action('delete_prototype_permission', orgname, prototype)
 
       return 'Deleted', 204
       
-    abort(403)
+    raise Unauthorized()
 
   @nickname('updateOrganizationPrototypePermission')
   @validate_json_request('PrototypeUpdate')
@@ -232,21 +231,21 @@ class PermissionPrototype(ApiResource):
       try:
         org = model.get_organization(orgname)
       except model.InvalidOrganizationException:
-        abort(404)
+        raise NotFound()
 
       existing = model.get_prototype_permission(org, prototypeid)
       if not existing:
-        abort(404)
+        raise NotFound()
 
       details = request.get_json()
       role_name = details['role']
       prototype = model.update_prototype_permission(org, prototypeid, role_name)
       if not prototype:
-        abort(404)
+        raise NotFound()
 
       log_prototype_action('modify_prototype_permission', orgname, prototype,
                            original_role=existing.role.name)
       org_members = model.get_organization_member_set(orgname)
       return prototype_view(prototype, org_members)
       
-    abort(403)
+    raise Unauthorized()