def test_handler_403(self, mock_render): mock_request = mock.MagicMock() mock_render.return_value = '403' context = {'error_code': '403', 'error_title': 'Forbidden', 'error_message': "We apologize, but this operation is not permitted.", 'error_image': '/static/tethys_portal/images/error_403.png'} self.assertEquals('403', handler_403(mock_request)) mock_render.assert_called_once_with(mock_request, 'tethys_portal/error.html', context, status=403)
def test_handler_403(self, mock_render): mock_request = mock.MagicMock() mock_render.return_value = '403' context = { 'error_code': '403', 'error_title': 'Forbidden', 'error_message': "We apologize, but this operation is not permitted.", 'error_image': '/static/tethys_portal/images/error_403.png' } self.assertEquals('403', handler_403(mock_request)) mock_render.assert_called_once_with(mock_request, 'tethys_portal/error.html', context, status=403)
def test_handler_403(self, mock_render): mock_request = mock.MagicMock() mock_render.return_value = '403' context = { 'error_code': '403', 'error_title': 'Sorry, you are unable to access this page right now.', 'error_message': 'error message', 'error_image': '/static/tethys_portal/images/data.png' } self.assertEquals('403', handler_403(mock_request, exception="error message")) mock_render.assert_called_once_with(mock_request, 'tethys_portal/403error.html', context, status=403)
def _wrapped_controller(*args, **kwargs): # With OR check, we assume the permission test passes upfront # Find request (varies position if class method is wrapped) # e.g.: func(request, *args, **kwargs) vs. method(self, request, *args, **kwargs) request_args_index = None the_self = None for index, arg in enumerate(args): if isinstance(arg, HttpRequest): request_args_index = index # Args are everything after the request object if request_args_index is not None: request = args[request_args_index] else: raise ValueError("No HttpRequest object provided.") if request_args_index > 0: the_self = args[0] args = args[request_args_index + 1:] # OR Loop if use_or: pass_permission_test = False for perm in perms: # If any one of the permission evaluates to True, the test passes if has_permission(request, perm): pass_permission_test = True break # AND Loop else: # Assume pass test pass_permission_test = True for perm in perms: # If any one of the permissions evaluates to False, the test fails if not has_permission(request, perm): pass_permission_test = False break if not pass_permission_test: if not raise_exception: # If user is authenticated... if request.user.is_authenticated: # User feedback messages.add_message(request, messages.WARNING, message) # Default redirect URL redirect_url = reverse('app_library') # If there is a referer (i.e.: we followed a link to get here) if 'HTTP_REFERER' in request.META: # Try to redirect to the referer URL referer = request.META['HTTP_REFERER'] parsed_referer = urlparse(referer) # But avoid an infinite redirect loop (if referer is self somehow) if parsed_referer.path != request.path: # e.g. hostname:port request_host_parts = request.get_host().split( ':') # Only attempt redirect if host names are the same if len( request_host_parts ) > 0 and parsed_referer.hostname == request_host_parts[ 0]: redirect_url = parsed_referer.path # Redirect to apps library with message return redirect(redirect_url) # If not authenticated... else: # User feedback messages.add_message( request, messages.INFO, "You must be logged in to access this feature.") # Redirect to login page return redirect( reverse('accounts:login') + '?next=' + request.path) else: # Return Error 404: Not Found in production to prevent directory enumeration if not getattr(settings, 'DEBUG', False): return tethys_portal_error.handler_404(request) return tethys_portal_error.handler_403(request) # Call the controller if the_self is not None: response = controller_func(the_self, request, *args, **kwargs) else: response = controller_func(request, *args, **kwargs) return response
def _wrapped_controller(*args, **kwargs): # With OR check, we assume the permission test passes upfront # Find request (varies position if class method is wrapped) # e.g.: func(request, *args, **kwargs) vs. method(self, request, *args, **kwargs) request_args_index = None the_self = None for index, arg in enumerate(args): if isinstance(arg, WSGIRequest): request_args_index = index # Args are everything after the request object if request_args_index is not None: request = args[request_args_index] else: raise ValueError("No WSGIRequest object provided.") if request_args_index > 0: the_self = args[0] args = args[request_args_index+1:] # OR Loop if use_or: pass_permission_test = False for perm in perms: # If any one of the permission evaluates to True, the test passes if has_permission(request, perm): pass_permission_test = True break # AND Loop else: # Assume pass test pass_permission_test = True for perm in perms: # If any one of the permissions evaluates to False, the test fails if not has_permission(request, perm): pass_permission_test = False break if not pass_permission_test: if not raise_exception: # If user is authenticated... if request.user.is_authenticated: # User feedback messages.add_message(request, messages.WARNING, message) # Default redirect URL redirect_url = reverse('app_library') # If there is a referer (i.e.: we followed a link to get here) if 'HTTP_REFERER' in request.META: # Try to redirect to the referer URL referer = request.META['HTTP_REFERER'] parsed_referer = urlparse(referer) # But avoid an infinite redirect loop (if referer is self somehow) if parsed_referer.path != request.path: # e.g. hostname:port request_host_parts = request.get_host().split(':') # Only attempt redirect if host names are the same if len(request_host_parts) > 0 and parsed_referer.hostname == request_host_parts[0]: redirect_url = parsed_referer.path # Redirect to apps library with message return redirect(redirect_url) # If not authenticated... else: # User feedback messages.add_message(request, messages.INFO, "You must be logged in to access this feature.") # Redirect to login page return redirect(reverse('accounts:login') + '?next=' + request.path) else: return tethys_portal_error.handler_403(request) # Call the controller if the_self is not None: response = controller_func(the_self, request, *args, **kwargs) else: response = controller_func(request, *args, **kwargs) return response
def _wrapped_controller(request, *args, **kwargs): # With OR check, we assume the permission test passes upfront # Check permission pass_permission_test = True # OR Loop if use_or: pass_permission_test = False for perm in perms: # If any one of the permission evaluates to True, the test passes if has_permission(request, perm): pass_permission_test = True break # AND Loop else: # Assume pass test pass_permission_test = True for perm in perms: # If any one of the permissions evaluates to False, the test fails if not has_permission(request, perm): pass_permission_test = False break if not pass_permission_test: if not raise_exception: # If user is authenticated... if request.user.is_authenticated(): # User feedback messages.add_message(request, messages.WARNING, message) # Default redirect URL redirect_url = reverse('app_library') # If there is a referer (i.e.: we followed a link to get here) if 'HTTP_REFERER' in request.META: # Try to redirect to the referer URL referer = request.META['HTTP_REFERER'] parsed_referer = urlparse(referer) # But avoid an infinite redirect loop (if referer is self somehow) if parsed_referer.path != request.path: # e.g. hostname:port request_host_parts = request.get_host().split( ':') # Only attempt redirect if host names are the same if len( request_host_parts ) > 0 and parsed_referer.hostname == request_host_parts[ 0]: redirect_url = parsed_referer.path # Redirect to apps library with message return redirect(redirect_url) # If not authenticated... else: # User feedback messages.add_message( request, messages.INFO, "You must be logged in to access this feature.") # Redirect to login page return redirect( reverse('accounts:login') + '?next=' + request.path) else: return tethys_portal_error.handler_403(request) return controller_func(request, *args, **kwargs)
def _wrapped_controller(request, *args, **kwargs): # With OR check, we assume the permission test passes upfront # Check permission pass_permission_test = True # OR Loop if use_or: pass_permission_test = False for perm in perms: # If any one of the permission evaluates to True, the test passes if has_permission(request, perm): pass_permission_test = True break # AND Loop else: # Assume pass test pass_permission_test = True for perm in perms: # If any one of the permissions evaluates to False, the test fails if not has_permission(request, perm): pass_permission_test = False break if not pass_permission_test: if not raise_exception: # If user is authenticated... if request.user.is_authenticated(): # User feedback messages.add_message(request, messages.WARNING, message) # Default redirect URL redirect_url = reverse('app_library') # If there is a referer (i.e.: we followed a link to get here) if 'HTTP_REFERER' in request.META: # Try to redirect to the referer URL referer = request.META['HTTP_REFERER'] parsed_referer = urlparse(referer) # But avoid an infinite redirect loop (if referer is self somehow) if parsed_referer.path != request.path: # e.g. hostname:port request_host_parts = request.get_host().split(':') # Only attempt redirect if host names are the same if len(request_host_parts) > 0 and parsed_referer.hostname == request_host_parts[0]: redirect_url = parsed_referer.path # Redirect to apps library with message return redirect(redirect_url) # If not authenticated... else: # User feedback messages.add_message(request, messages.INFO, "You must be logged in to access this feature.") # Redirect to login page return redirect(reverse('accounts:login') + '?next=' + request.path) else: return tethys_portal_error.handler_403(request) return controller_func(request, *args, **kwargs)