Feed error messages through a cors wrapper so that people on other domains can see what's happening.

endpoints/api/repository.py

@@ -2,13 +2,12 @@ import logging
 import json
 
 from flask import current_app, request
-from flask.ext.restful import reqparse, abort
 
 from data import model
 from endpoints.api import (truthy_bool, format_date, nickname, log_action, validate_json_request,
                            require_repo_read, require_repo_write, require_repo_admin,
                            RepositoryParamResource, resource, query_param, parse_args, ApiResource,
-                           request_error, require_scope)
+                           request_error, require_scope, Unauthorized, NotFound)
 from auth.permissions import (ReadRepositoryPermission, ModifyRepositoryPermission,
                               AdministerRepositoryPermission, CreateRepositoryPermission)
 from auth.auth import process_auth
@@ -73,7 +72,7 @@ class RepositoryList(ApiResource):
 
       existing = model.get_repository(namespace_name, repository_name)
       if existing:
-        return request_error(message='Repository already exists')
+        raise request_error(message='Repository already exists')
 
       visibility = req['visibility']
 
@@ -89,7 +88,7 @@ class RepositoryList(ApiResource):
         'name': repository_name
       }, 201
 
-    abort(403)
+    raise Unauthorized()
 
   @nickname('listRepos')
   @parse_args
@@ -213,7 +212,7 @@ class Repository(RepositoryParamResource):
         'status_token': repo.badge_token if not is_public else ''
       }
 
-    abort(404)  # Not found
+    raise NotFound()
   
   @require_repo_write
   @nickname('updateRepo')
@@ -232,7 +231,7 @@ class Repository(RepositoryParamResource):
       return {
           'success': True
       }
-    abort(404)  # Not found
+    raise NotFound()
 
   @require_repo_admin
   @nickname('deleteRepository')