def test_expired_ban(self):
"""ip is not caught by expired ban"""
Ban.objects.create(check_type=BAN_IP,
banned_value='127.0.0.1',
user_message='User reason',
expires_on=timezone.now() - timedelta(days=7))
ip_ban = get_request_ip_ban(FakeRequest())
self.assertIsNone(ip_ban)
# repeated call uses cache
get_request_ip_ban(FakeRequest())
def test_permanent_ban(self):
"""ip is caught by permanent ban"""
Ban.objects.create(check_type=BAN_IP,
banned_value='127.0.0.1',
user_message='User reason')
ip_ban = get_request_ip_ban(FakeRequest())
self.assertTrue(ip_ban['is_banned'])
self.assertEqual(ip_ban['ip'], '127.0.0.1')
self.assertEqual(ip_ban['message'], 'User reason')
# repeated call uses cache
get_request_ip_ban(FakeRequest())
def test_temporary_ban(self):
"""ip is caught by temporary ban"""
Ban.objects.create(check_type=BAN_IP,
banned_value='127.0.0.1',
user_message='User reason',
expires_on=timezone.now() + timedelta(days=7))
ip_ban = get_request_ip_ban(FakeRequest())
self.assertTrue(ip_ban['is_banned'])
self.assertEqual(ip_ban['ip'], '127.0.0.1')
self.assertEqual(ip_ban['message'], 'User reason')
# repeated call uses cache
get_request_ip_ban(FakeRequest())
def is_request_banned(self, request):
ban = get_request_ip_ban(request)
if ban:
hydrated_ban = Ban(check_type=BAN_IP,
user_message=ban['message'],
expires_on=ban['expires_on'])
raise Banned(hydrated_ban)
def process_request(self, request):
if request.user.is_anonymous():
request.user = AnonymousUser()
elif not request.user.is_superuser:
if get_request_ip_ban(request) or get_user_ban(request.user):
logout(request)
request.user.ip = request._misago_real_ip
def decorator(request, *args, **kwargs):
ban = get_request_ip_ban(request)
if ban:
raise PermissionDenied(
_("Your IP address is banned from performing this action."),
{'ban': ban.get_serialized_message()})
else:
return f(request, *args, **kwargs)
def test_expired_ban(self):
"""ip is not caught by expired ban"""
Ban.objects.create(test=BAN_IP,
banned_value='127.0.0.1',
user_message='User reason',
valid_until=date.today() - timedelta(days=7))
ip_ban = get_request_ip_ban(FakeRequest())
self.assertIsNone(ip_ban)
def decorator(request, *args, **kwargs):
ban = get_request_ip_ban(request)
if ban:
hydrated_ban = Ban(
check_type=BAN_IP,
user_message=ban['message'],
expires_on=ban['expires_on'])
raise Banned(hydrated_ban)
else:
return f(request, *args, **kwargs)
def test_temporary_ban(self):
"""ip is caught by temporary ban"""
Ban.objects.create(test=BAN_IP,
banned_value='127.0.0.1',
user_message='User reason',
valid_until=date.today() + timedelta(days=7))
ip_ban = get_request_ip_ban(FakeRequest())
self.assertTrue(ip_ban['is_banned'])
self.assertEqual(ip_ban['ip'], '127.0.0.1')
self.assertEqual(ip_ban['message'], 'User reason')
def has_permission(self, request, view):
if request.user.is_authenticated():
raise PermissionDenied(
_("This action is not available to signed in users."))
ban = get_request_ip_ban(request)
if ban:
raise PermissionDenied(
_("Your IP address is banned from performing this action."),
{'ban': ban.get_serialized_message()})
return True
def decorator(request, *args, **kwargs):
ban = get_request_ip_ban(request)
if ban:
default_message = _("Your IP address has been banned.")
ban_message = ban.get('message') or default_message
if ban.get('valid_until'):
ban_expires = format_date(ban['valid_until'])
expiration_message = _("This ban will expire on %(date)s.")
expiration_message = expiration_message % {'date': ban_expires}
ban_message = '%s\n\n%s' % (ban_message, expiration_message)
raise PermissionDenied(ban_message)
else:
return f(request, *args, **kwargs)
def validate_ip_not_banned(strategy, details, backend, user=None, *args, **kwargs):
"""Pipeline step that interrupts pipeline if found user is non-staff and IP banned"""
if not user or user.is_staff:
return None
ban = get_request_ip_ban(strategy.request)
if ban:
hydrated_ban = Ban(
check_type=Ban.IP,
user_message=ban['message'],
expires_on=ban['expires_on'],
)
raise SocialAuthBanned(backend, hydrated_ban)
def test_no_ban(self):
"""no ban found"""
ip_ban = get_request_ip_ban(FakeRequest())
self.assertIsNone(ip_ban)
def decorator(request, *args, **kwargs):
ban = get_request_ip_ban(request)
if ban:
return redirect('misago:index')
else:
return f(request, *args, **kwargs)
def is_request_banned(self, request):
ban = get_request_ip_ban(request)
if ban:
raise PermissionDenied(
_("Your IP address is banned from performing this action."),
{'ban': ban.get_serialized_message()})
