erp5_api_style: fix Unauthorized exception to avoid redirect

bt5/erp5_api_style/DocumentTemplateItem/portal_components/document.erp5.jIOWebSection.py

@@ -33,10 +33,26 @@ from Acquisition import aq_inner
 from OFS.Traversable import NotFound
 from erp5.component.document.WebSection import WebSection
 from Products.ERP5Type import Permissions
+from zExceptions import HTTPClientError
 from zLOG import LOG, INFO
 
 MARKER = []
 
+# Redefine an Unauthorized error to avoid Zope redirecting the user to the main ERP5 login form
+class jIOUnauthorized(HTTPClientError):
+  errmsg = 'Unauthorized'
+  status = 401
+
+  def __init__(self, underlyingError):
+    HTTPClientError.__init__(self)
+    self.underlyingError = underlyingError
+
+  def __str__(self):
+    return str(self.underlyingError)
+
+  def __bytes__(self):
+    return bytes(self.underlyingError)
+
 def convertTojIOAPICall(function):
   """
   Wrap the method to create a log entry for each invocation to the zope logger
@@ -45,19 +61,18 @@ def convertTojIOAPICall(function):
     """
     Log the call, and the result of the call
     """
+    #assert(self.REQUEST.REQUEST_METHOD == "POST")
     try:
       self.REQUEST.response.setHeader("Content-Type", "application/json")
       retval = function(self, *args, **kwd)
     except Unauthorized, e:
-      LOG('jIOWebSection', INFO, 'Converting Unauthorized to Unauthorized error mesage in JSON,',
-          error=True)
       body = self.ERP5Site_logApiErrorAndReturn(
-        error_code="403",
+        error_code="401",
         error_message=str(e),
         error_name="Unauthorized"
       )
       self.REQUEST.response.setBody(body, lock=True)
-      raise
+      raise jIOUnauthorized(e)
     except NotFound, e:
       LOG('jIOWebSection', INFO, 'Converting NotFound to NotFound error mesage in JSON,',
           error=True)