The right responses for 401 and 403 are Unauthorized and Forbidden
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) in Piston the
rc.FORBIDDEN returns a 401 code.
There are three bugs associated with this:
https://bitbucket.org/jespern/django-piston/issue/160/rcforbidden-returns-status-code-401
https://bitbucket.org/jespern/django-piston/issue/149/pistonutilsrccodes-suggestion-on-401-and
https://bitbucket.org/jespern/django-piston/issue/125/http-code-forbidden-and-unauthorized
None of them have comments in at least one year.
For compatibility purpose I want to add (at the repo
https://github.com/django-piston/django-piston-oauth2)a
DeprecationWarning in order to change all the rc.FORBIDDEN to
rc.UNAUTHORIZED, and a PendingDeprecationWarning to add a rc.FORBIDDEN
with status code 403. So, the migration will be just change the
current FORBIDDEN for UNAUTHORIZED, and then add the correct
rc.FORBIDDEN where is needed.
Tell me what do you think.
Bye
--
Jorge Eduardo Cardona
jorgee...@gmail.com
jorgeecardona.blogspot.com
github.com/jorgeecardona
------------------------------------------------
Linux registered user #391186
Registered machine #291871
------------------------------------------------
+1. I've mostly been using the django responses for just this reason.
return self.rc('DELETED', content='Some information about the object')
return self.rc('CREATED', object)
or
return self.DELETED
return self.CREATED
return self.CREATED(object)
in the handler's methods create, read, update, delete.
What I want is to be able to add some content to the response, use the
correct status codes, create some shortcuts for it and use the current
emitter in piston.
What do you think?