From 692d015627ecf03fbc23cfdb4afcf398b9a09a51 Mon Sep 17 00:00:00 2001
From: RaNaN <Mast3rRaNaN@hotmail.de>
Date: Thu, 12 Jan 2012 17:26:28 +0100
Subject: scripts for testing and syntax unit test

---
 module/web/api_app.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'module/web/api_app.py')

diff --git a/module/web/api_app.py b/module/web/api_app.py
index 1629c1677..160a984df 100644
--- a/module/web/api_app.py
+++ b/module/web/api_app.py
@@ -11,6 +11,7 @@ from utils import toDict, set_session
 from webinterface import PYLOAD
 
 from module.common.json_layer import json
+from module.utils import remove_chars
 from module.lib.SafeEval import const_eval as literal_eval
 from module.Api import BaseObject
 
@@ -33,7 +34,8 @@ def call_api(func, args=""):
 
     s = request.environ.get('beaker.session')
     if 'session' in request.POST:
-        s = s.get_by_id(request.POST['session'])
+    	# removes "' so it works on json strings
+        s = s.get_by_id(remove_chars(request.POST['session'], "'\""))
 
     if not s or not s.get("authenticated", False):
         return HTTPError(403, json.dumps("Forbidden"))
-- 
cgit v1.2.3