def test_expired_ban(self): """ip is not caught by expired ban""" Ban.objects.create(check_type=BAN_IP, banned_value='127.0.0.1', user_message='User reason', expires_on=timezone.now() - timedelta(days=7)) ip_ban = get_request_ip_ban(FakeRequest()) self.assertIsNone(ip_ban) # repeated call uses cache get_request_ip_ban(FakeRequest())
def test_permanent_ban(self): """ip is caught by permanent ban""" Ban.objects.create(check_type=BAN_IP, banned_value='127.0.0.1', user_message='User reason') ip_ban = get_request_ip_ban(FakeRequest()) self.assertTrue(ip_ban['is_banned']) self.assertEqual(ip_ban['ip'], '127.0.0.1') self.assertEqual(ip_ban['message'], 'User reason') # repeated call uses cache get_request_ip_ban(FakeRequest())
def test_temporary_ban(self): """ip is caught by temporary ban""" Ban.objects.create(check_type=BAN_IP, banned_value='127.0.0.1', user_message='User reason', expires_on=timezone.now() + timedelta(days=7)) ip_ban = get_request_ip_ban(FakeRequest()) self.assertTrue(ip_ban['is_banned']) self.assertEqual(ip_ban['ip'], '127.0.0.1') self.assertEqual(ip_ban['message'], 'User reason') # repeated call uses cache get_request_ip_ban(FakeRequest())
def is_request_banned(self, request): ban = get_request_ip_ban(request) if ban: hydrated_ban = Ban(check_type=BAN_IP, user_message=ban['message'], expires_on=ban['expires_on']) raise Banned(hydrated_ban)
def process_request(self, request): if request.user.is_anonymous(): request.user = AnonymousUser() elif not request.user.is_superuser: if get_request_ip_ban(request) or get_user_ban(request.user): logout(request) request.user.ip = request._misago_real_ip
def decorator(request, *args, **kwargs): ban = get_request_ip_ban(request) if ban: raise PermissionDenied( _("Your IP address is banned from performing this action."), {'ban': ban.get_serialized_message()}) else: return f(request, *args, **kwargs)
def test_expired_ban(self): """ip is not caught by expired ban""" Ban.objects.create(test=BAN_IP, banned_value='127.0.0.1', user_message='User reason', valid_until=date.today() - timedelta(days=7)) ip_ban = get_request_ip_ban(FakeRequest()) self.assertIsNone(ip_ban)
def decorator(request, *args, **kwargs): ban = get_request_ip_ban(request) if ban: hydrated_ban = Ban( check_type=BAN_IP, user_message=ban['message'], expires_on=ban['expires_on']) raise Banned(hydrated_ban) else: return f(request, *args, **kwargs)
def test_temporary_ban(self): """ip is caught by temporary ban""" Ban.objects.create(test=BAN_IP, banned_value='127.0.0.1', user_message='User reason', valid_until=date.today() + timedelta(days=7)) ip_ban = get_request_ip_ban(FakeRequest()) self.assertTrue(ip_ban['is_banned']) self.assertEqual(ip_ban['ip'], '127.0.0.1') self.assertEqual(ip_ban['message'], 'User reason')
def has_permission(self, request, view): if request.user.is_authenticated(): raise PermissionDenied( _("This action is not available to signed in users.")) ban = get_request_ip_ban(request) if ban: raise PermissionDenied( _("Your IP address is banned from performing this action."), {'ban': ban.get_serialized_message()}) return True
def decorator(request, *args, **kwargs): ban = get_request_ip_ban(request) if ban: default_message = _("Your IP address has been banned.") ban_message = ban.get('message') or default_message if ban.get('valid_until'): ban_expires = format_date(ban['valid_until']) expiration_message = _("This ban will expire on %(date)s.") expiration_message = expiration_message % {'date': ban_expires} ban_message = '%s\n\n%s' % (ban_message, expiration_message) raise PermissionDenied(ban_message) else: return f(request, *args, **kwargs)
def validate_ip_not_banned(strategy, details, backend, user=None, *args, **kwargs): """Pipeline step that interrupts pipeline if found user is non-staff and IP banned""" if not user or user.is_staff: return None ban = get_request_ip_ban(strategy.request) if ban: hydrated_ban = Ban( check_type=Ban.IP, user_message=ban['message'], expires_on=ban['expires_on'], ) raise SocialAuthBanned(backend, hydrated_ban)
def test_no_ban(self): """no ban found""" ip_ban = get_request_ip_ban(FakeRequest()) self.assertIsNone(ip_ban)
def decorator(request, *args, **kwargs): ban = get_request_ip_ban(request) if ban: return redirect('misago:index') else: return f(request, *args, **kwargs)
def is_request_banned(self, request): ban = get_request_ip_ban(request) if ban: raise PermissionDenied( _("Your IP address is banned from performing this action."), {'ban': ban.get_serialized_message()})