コード例 #1
0
ファイル: test_error.py プロジェクト: SarvaPulla/tethys
    def test_handler_403(self, mock_render):
        mock_request = mock.MagicMock()
        mock_render.return_value = '403'
        context = {'error_code': '403',
                   'error_title': 'Forbidden',
                   'error_message': "We apologize, but this operation is not permitted.",
                   'error_image': '/static/tethys_portal/images/error_403.png'}

        self.assertEquals('403', handler_403(mock_request))
        mock_render.assert_called_once_with(mock_request, 'tethys_portal/error.html', context, status=403)
コード例 #2
0
ファイル: test_error.py プロジェクト: sdc50/tethys
    def test_handler_403(self, mock_render):
        mock_request = mock.MagicMock()
        mock_render.return_value = '403'
        context = {
            'error_code': '403',
            'error_title': 'Forbidden',
            'error_message':
            "We apologize, but this operation is not permitted.",
            'error_image': '/static/tethys_portal/images/error_403.png'
        }

        self.assertEquals('403', handler_403(mock_request))
        mock_render.assert_called_once_with(mock_request,
                                            'tethys_portal/error.html',
                                            context,
                                            status=403)
コード例 #3
0
ファイル: test_error.py プロジェクト: john3641/tethys
    def test_handler_403(self, mock_render):
        mock_request = mock.MagicMock()
        mock_render.return_value = '403'
        context = {
            'error_code': '403',
            'error_title':
            'Sorry, you are unable to access this page right now.',
            'error_message': 'error message',
            'error_image': '/static/tethys_portal/images/data.png'
        }

        self.assertEquals('403',
                          handler_403(mock_request, exception="error message"))
        mock_render.assert_called_once_with(mock_request,
                                            'tethys_portal/403error.html',
                                            context,
                                            status=403)
コード例 #4
0
ファイル: decorators.py プロジェクト: rfun/tethys
        def _wrapped_controller(*args, **kwargs):
            # With OR check, we assume the permission test passes upfront
            # Find request (varies position if class method is wrapped)
            # e.g.: func(request, *args, **kwargs) vs. method(self, request, *args, **kwargs)
            request_args_index = None
            the_self = None

            for index, arg in enumerate(args):
                if isinstance(arg, HttpRequest):
                    request_args_index = index

            # Args are everything after the request object
            if request_args_index is not None:
                request = args[request_args_index]
            else:
                raise ValueError("No HttpRequest object provided.")

            if request_args_index > 0:
                the_self = args[0]

            args = args[request_args_index + 1:]

            # OR Loop
            if use_or:
                pass_permission_test = False
                for perm in perms:
                    # If any one of the permission evaluates to True, the test passes
                    if has_permission(request, perm):
                        pass_permission_test = True
                        break

            # AND Loop
            else:
                # Assume pass test
                pass_permission_test = True

                for perm in perms:
                    # If any one of the permissions evaluates to False, the test fails
                    if not has_permission(request, perm):
                        pass_permission_test = False
                        break

            if not pass_permission_test:
                if not raise_exception:
                    # If user is authenticated...
                    if request.user.is_authenticated:
                        # User feedback
                        messages.add_message(request, messages.WARNING,
                                             message)

                        # Default redirect URL
                        redirect_url = reverse('app_library')

                        # If there is a referer (i.e.: we followed a link to get here)
                        if 'HTTP_REFERER' in request.META:
                            # Try to redirect to the referer URL
                            referer = request.META['HTTP_REFERER']
                            parsed_referer = urlparse(referer)

                            # But avoid an infinite redirect loop (if referer is self somehow)
                            if parsed_referer.path != request.path:
                                # e.g. hostname:port
                                request_host_parts = request.get_host().split(
                                    ':')

                                # Only attempt redirect if host names are the same
                                if len(
                                        request_host_parts
                                ) > 0 and parsed_referer.hostname == request_host_parts[
                                        0]:
                                    redirect_url = parsed_referer.path

                        # Redirect to apps library with message
                        return redirect(redirect_url)

                    # If not authenticated...
                    else:
                        # User feedback
                        messages.add_message(
                            request, messages.INFO,
                            "You must be logged in to access this feature.")

                        # Redirect to login page
                        return redirect(
                            reverse('accounts:login') + '?next=' +
                            request.path)

                else:
                    # Return Error 404: Not Found in production to prevent directory enumeration
                    if not getattr(settings, 'DEBUG', False):
                        return tethys_portal_error.handler_404(request)
                    return tethys_portal_error.handler_403(request)

            # Call the controller
            if the_self is not None:
                response = controller_func(the_self, request, *args, **kwargs)
            else:
                response = controller_func(request, *args, **kwargs)

            return response
コード例 #5
0
ファイル: decorators.py プロジェクト: tethysplatform/tethys
        def _wrapped_controller(*args, **kwargs):
            # With OR check, we assume the permission test passes upfront
            # Find request (varies position if class method is wrapped)
            # e.g.: func(request, *args, **kwargs) vs. method(self, request, *args, **kwargs)
            request_args_index = None
            the_self = None

            for index, arg in enumerate(args):
                if isinstance(arg, WSGIRequest):
                    request_args_index = index

            # Args are everything after the request object
            if request_args_index is not None:
                request = args[request_args_index]
            else:
                raise ValueError("No WSGIRequest object provided.")

            if request_args_index > 0:
                the_self = args[0]

            args = args[request_args_index+1:]

            # OR Loop
            if use_or:
                pass_permission_test = False
                for perm in perms:
                    # If any one of the permission evaluates to True, the test passes
                    if has_permission(request, perm):
                        pass_permission_test = True
                        break

            # AND Loop
            else:
                # Assume pass test
                pass_permission_test = True

                for perm in perms:
                    # If any one of the permissions evaluates to False, the test fails
                    if not has_permission(request, perm):
                        pass_permission_test = False
                        break

            if not pass_permission_test:
                if not raise_exception:
                    # If user is authenticated...
                    if request.user.is_authenticated:
                        # User feedback
                        messages.add_message(request, messages.WARNING, message)

                        # Default redirect URL
                        redirect_url = reverse('app_library')

                        # If there is a referer (i.e.: we followed a link to get here)
                        if 'HTTP_REFERER' in request.META:
                            # Try to redirect to the referer URL
                            referer = request.META['HTTP_REFERER']
                            parsed_referer = urlparse(referer)

                            # But avoid an infinite redirect loop (if referer is self somehow)
                            if parsed_referer.path != request.path:
                                # e.g. hostname:port
                                request_host_parts = request.get_host().split(':')

                                # Only attempt redirect if host names are the same
                                if len(request_host_parts) > 0 and parsed_referer.hostname == request_host_parts[0]:
                                    redirect_url = parsed_referer.path

                        # Redirect to apps library with message
                        return redirect(redirect_url)

                    # If not authenticated...
                    else:
                        # User feedback
                        messages.add_message(request, messages.INFO, "You must be logged in to access this feature.")

                        # Redirect to login page
                        return redirect(reverse('accounts:login') + '?next=' + request.path)

                else:
                    return tethys_portal_error.handler_403(request)

            # Call the controller
            if the_self is not None:
                response = controller_func(the_self, request, *args, **kwargs)
            else:
                response = controller_func(request, *args, **kwargs)

            return response
コード例 #6
0
        def _wrapped_controller(request, *args, **kwargs):
            # With OR check, we assume the permission test passes upfront

            # Check permission
            pass_permission_test = True

            # OR Loop
            if use_or:
                pass_permission_test = False
                for perm in perms:
                    # If any one of the permission evaluates to True, the test passes
                    if has_permission(request, perm):
                        pass_permission_test = True
                        break

            # AND Loop
            else:
                # Assume pass test
                pass_permission_test = True

                for perm in perms:
                    # If any one of the permissions evaluates to False, the test fails
                    if not has_permission(request, perm):
                        pass_permission_test = False
                        break

            if not pass_permission_test:
                if not raise_exception:
                    # If user is authenticated...
                    if request.user.is_authenticated():
                        # User feedback
                        messages.add_message(request, messages.WARNING,
                                             message)

                        # Default redirect URL
                        redirect_url = reverse('app_library')

                        # If there is a referer (i.e.: we followed a link to get here)
                        if 'HTTP_REFERER' in request.META:
                            # Try to redirect to the referer URL
                            referer = request.META['HTTP_REFERER']
                            parsed_referer = urlparse(referer)

                            # But avoid an infinite redirect loop (if referer is self somehow)
                            if parsed_referer.path != request.path:
                                # e.g. hostname:port
                                request_host_parts = request.get_host().split(
                                    ':')

                                # Only attempt redirect if host names are the same
                                if len(
                                        request_host_parts
                                ) > 0 and parsed_referer.hostname == request_host_parts[
                                        0]:
                                    redirect_url = parsed_referer.path

                        # Redirect to apps library with message
                        return redirect(redirect_url)

                    # If not authenticated...
                    else:
                        # User feedback
                        messages.add_message(
                            request, messages.INFO,
                            "You must be logged in to access this feature.")

                        # Redirect to login page
                        return redirect(
                            reverse('accounts:login') + '?next=' +
                            request.path)

                else:
                    return tethys_portal_error.handler_403(request)

            return controller_func(request, *args, **kwargs)
コード例 #7
0
ファイル: decorators.py プロジェクト: zhiyuli/tethys
        def _wrapped_controller(request, *args, **kwargs):
            # With OR check, we assume the permission test passes upfront

            # Check permission
            pass_permission_test = True

            # OR Loop
            if use_or:
                pass_permission_test = False
                for perm in perms:
                    # If any one of the permission evaluates to True, the test passes
                    if has_permission(request, perm):
                        pass_permission_test = True
                        break

            # AND Loop
            else:
                # Assume pass test
                pass_permission_test = True

                for perm in perms:
                    # If any one of the permissions evaluates to False, the test fails
                    if not has_permission(request, perm):
                        pass_permission_test = False
                        break

            if not pass_permission_test:
                if not raise_exception:
                    # If user is authenticated...
                    if request.user.is_authenticated():
                        # User feedback
                        messages.add_message(request, messages.WARNING, message)

                        # Default redirect URL
                        redirect_url = reverse('app_library')

                        # If there is a referer (i.e.: we followed a link to get here)
                        if 'HTTP_REFERER' in request.META:
                            # Try to redirect to the referer URL
                            referer = request.META['HTTP_REFERER']
                            parsed_referer = urlparse(referer)

                            # But avoid an infinite redirect loop (if referer is self somehow)
                            if parsed_referer.path != request.path:
                                # e.g. hostname:port
                                request_host_parts = request.get_host().split(':')

                                # Only attempt redirect if host names are the same
                                if len(request_host_parts) > 0 and parsed_referer.hostname == request_host_parts[0]:
                                    redirect_url = parsed_referer.path

                        # Redirect to apps library with message
                        return redirect(redirect_url)

                    # If not authenticated...
                    else:
                        # User feedback
                        messages.add_message(request, messages.INFO, "You must be logged in to access this feature.")

                        # Redirect to login page
                        return redirect(reverse('accounts:login') + '?next=' + request.path)

                else:
                    return tethys_portal_error.handler_403(request)

            return controller_func(request, *args, **kwargs)