def purchase_callback(request): # Get passed parameters try: pid = request.GET['pid'] ref = request.GET['ref'] result = request.GET['result'] checksum_received = request.GET['checksum'] except KeyError: return defaults.bad_request(request=request, exception=KeyError) pending_transaction = get_object_or_404(PendingTransaction, pk=pid) checksum_valid = pending_transaction.validate_checksum( checksum=checksum_received, ref=ref, result=result) # Handle callback according to result if checksum_valid: transaction, purchase = Transaction.objects.create_from_pending( pending_transaction=pending_transaction, ref=ref, result=result) if result == 'success': purchased_game = pending_transaction.game transaction.user.games.add(purchased_game) return redirect('community:game-play', game_id=purchased_game.id) elif result == 'cancel' or result == 'error': return redirect('webshop:purchase-game', game_id=pending_transaction.game.id) else: return defaults.bad_request(request=request, exception=SuspiciousOperation)
def dashboard(request, lang): print lang if lang not in ['ru', 'en']: return bad_request(request) return render_to_response('dashboard.html', {'type': '', 'title': international['title'][lang], 'lang': lang})
def finland_comp_url(request, lang, regions, from_year, to_year, chart_type, trend_type, stat_type, scale_type): regions = regions.split(",") from_year = int(from_year) to_year = int(to_year) accident_name = get_accident_name_by_type('all', lang) stat_name = get_stat_name_by_type(stat_type, lang, True) chart_name = get_chart_name_by_type(chart_type, lang) trend_name = get_trend_name_by_type(trend_type, lang) scale_name = get_scale_name_by_type(scale_type, lang, True) if from_year > to_year or accident_name is None or stat_name is None or chart_name is None or trend_name is None \ or scale_name is None: return bad_request(request) parameters = ((international['regions_title'][lang], list_to_str(regions)), (international['from_title'][lang], from_year), (international['to_title'][lang], to_year), (international['graph_type_title'][lang], chart_name), (international['trend_line_title'][lang], trend_name), (international['reason_title'][lang], accident_name), (international['observed_title'][lang], stat_name), (international['scale_title'][lang], scale_name),) return render_to_response('finland_comp_by_url.html', {"type": "finland_comp", "title": international['title'][lang], "chart_title": international['diff_fin_rus_title'][lang], 'lang': lang, "parameters_title": international['parameters_title'][lang], "info_header": international['information_header'][lang], "parameters": parameters, "url": request.path})
def mute(request, key): try: tmp_comment = signed.loads(str(key), extra_key=settings.COMMENTS_XTD_SALT) except (ValueError, signed.BadSignature) as exc: return bad_request(request, exc) # Can't mute a comment that doesn't have the followup attribute # set to True, or a comment that doesn't exist. if not tmp_comment.followup or _get_comment_if_exists(tmp_comment) is None: raise Http404 # Send signal that the comment thread has been muted signals.comment_thread_muted.send(sender=XtdComment, comment=tmp_comment, request=request) XtdComment.norel_objects.filter(content_type=tmp_comment.content_type, object_pk=tmp_comment.object_pk, user_email=tmp_comment.user_email, is_public=True, followup=True).update(followup=False) model = apps.get_model(tmp_comment.content_type.app_label, tmp_comment.content_type.model) target = model._default_manager.get(pk=tmp_comment.object_pk) template_arg = [ "django_comments_xtd/%s/%s/muted.html" % (tmp_comment.content_type.app_label, tmp_comment.content_type.model), "django_comments_xtd/%s/muted.html" % (tmp_comment.content_type.app_label, ), "django_comments_xtd/muted.html" ] return render(request, template_arg, {"content_object": target})
def tssUpdateSmart(request): from .supportview.tssIUview import tssEdit try: return tssEdit(request) except Exception as ex: print(ex) return bad_request(request, ex)
def ajax_load_privileges(request, role_type, role_id, resource_type): if not request.is_ajax(): return bad_request(request, ValueError('not an ajax request')) resource_class = app_settings.mapping.get_class(resource_type) resource_instances = resource_class.objects.order_by('id') default_access_types = ('read', 'update', 'delete') data = [] for resource in resource_instances: current_privileges = {} db_access_types = [] for privilege in RolePrivilege.objects.filter( role_type=role_type, role_id=role_id, resource_type=resource_type, resource_id=resource.id): current_privileges[privilege.access_type] = privilege.authorized db_access_types.append(privilege.access_type) for default_access_type in default_access_types: if default_access_type not in db_access_types: current_privileges[default_access_type] = None data.append(current_privileges) return HttpResponse(json.dumps(data), content_type="application/json")
def post(self, request, *args, **kwargs): try: data = json.loads(request.body).get('schema_data', {}) draft = DraftRegistration.load(self.kwargs.get('draft_pk')) draft.update_metadata(data) draft.save() log_message = list() for key, value in data.iteritems(): comments = data.get(key, {}).get('comments', []) for comment in comments: log_message.append('{}: {}'.format(key, comment['value'])) update_admin_log( user_id=request.user.id, object_id=draft._id, object_repr='Draft Registration', message='Comments: <p>{}</p>'.format('</p><p>'.join(log_message)), action_flag=COMMENT_PREREG ) return JsonResponse(serializers.serialize_draft_registration(draft)) except AttributeError: raise Http404('{} with id "{}" not found.'.format( self.context_object_name.title(), self.kwargs.get('draft_pk') )) except NodeStateError as e: return bad_request(request, e)
def confirm(request, key, template_discarded="django_comments_xtd/discarded.html"): try: tmp_comment = signed.loads(str(key), extra_key=settings.COMMENTS_XTD_SALT) except (ValueError, signed.BadSignature) as exc: return bad_request(request, exc) # The comment does exist if the URL was already confirmed, # in such a case, as per suggested in ticket #80, we return # the comment's URL, as if the comment is just confirmed. comment = _get_comment_if_exists(tmp_comment) if comment is not None: return redirect(comment) # Send signal that the comment confirmation has been received. responses = signals.confirmation_received.send(sender=TmpXtdComment, comment=tmp_comment, request=request) # Check whether a signal receiver decides to discard the comment. for (receiver, response) in responses: if response is False: return render(request, template_discarded, {'comment': tmp_comment}) comment = _create_comment(tmp_comment) if comment.is_public is False: return render(request, get_moderated_tmpl(comment), {'comment': comment}) else: notify_comment_followers(comment) return redirect(comment)
def list_occupation_data(request): occupation = request.GET.get('occupation', '') if occupation: notificationDatas = NotificationData.objects.filter(owner__occupation=occupation) return render(request, 'pusher/participant_data.html', {"notificationDatas":notificationDatas,}) else: return bad_request(request, exception, template_name='400.html')
def loginSmart(request): from django.contrib.auth import authenticate, login wrongUser = {} if request.method == 'POST': try: username = request.POST['username'] password = request.POST['password'] except Exception as ex: return bad_request(request, ex) user = authenticate(request, username=username, password=password) if user is not None: if user.is_superuser: wrongUser = {"message": "Please use Site Admin"} else: try: CompanyUser.objects.get(user=user).comp login(request, user) except: wrongUser = { "message": "Please contact admin to assign your company and your role. Then you can login" } else: wrongUser = {"message": "Wrong username or password"} if request.user.is_authenticated: return redirect('/index') return render(request, 'frontend/login.html', wrongUser)
def post(self, request): run_form = forms.RunSelectionForm(request.POST) if run_form.is_valid(): run_id = run_form.cleaned_data['runs'] else: return bad_request(request, IndexError) context = self.get_context_data(run_form, run_id) return self.render_to_response(context)
def post(self, request, *args, **kwargs): form_class_name = request.POST.get('service_type', None) if not form_class_name: return bad_request(request, _('Invalid form param: service_type')) if form_class_name not in self.acceptable_forms: return bad_request(request, _('Invalid form param: service_type')) form_class = globals()[form_class_name] form = form_class(**self.get_form_kwargs()) if form.is_valid(): return self.form_valid(form) else: return self.form_invalid(form)
def get(self, request): from django.contrib.auth import logout try: logout(request) return redirect('/') except Exception as ex: print(ex) return bad_request(request, ex)
def foge_get_jstree_onlycache(request): # DEBUG http.dump_request(request) jstree = {} if (request.method == 'GET'): hubid = request.GET.get('hubid') if hubid: # Get jstree data from DB cache table jstree = forgeCC.get_jstree_from_cache(hubid) if not jstree: jstree = {'error': True, 'message': "cache doesn't exist"} else: bad_request() else: bad_request() return JsonResponse(jstree)
def test_custom_templates_wrong(self): """ Default error views should raise TemplateDoesNotExist when passed a template that doesn't exist. """ request = self.request_factory.get('/') with self.assertRaises(TemplateDoesNotExist): bad_request(request, Exception(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): permission_denied(request, Exception(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): page_not_found(request, Http404(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): server_error(request, template_name='nonexistent')
def login_view(request): next_url = request.GET.get("next") or "/" if not is_safe_path(next_url): return bad_request(request, SuspiciousOperation) if request.user.is_authenticated: return redirect(next_url) return TemplateResponse(request, "login.html", {"next_url": next_url})
def test_custom_templates_wrong(self): """ Default error views should raise TemplateDoesNotExist when passed a template that doesn't exist. """ rf = RequestFactory() request = rf.get('/') with self.assertRaises(TemplateDoesNotExist): bad_request(request, Exception(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): permission_denied(request, Exception(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): page_not_found(request, Http404(), template_name='nonexistent') with self.assertRaises(TemplateDoesNotExist): server_error(request, template_name='nonexistent')
def registration_complete(request): try: user_id = request.GET['id'] token = request.GET['token'] except KeyError: return defaults.bad_request(request=request, exception=KeyError) user = get_object_or_404(UserMethods, id=user_id) pending_registration = get_object_or_404(PendingRegistration, user=user) if pending_registration.verfify_token(token): record = EmailConfirmed.objects.get(user=user) record.email_confirmed = True record.save() PendingRegistration.objects.filter(user=user).delete() return redirect('accounts:registration-success') else: return defaults.bad_request(request=request, exception=SuspiciousOperation)
def new(request): form = EventForm(request.POST) if form.is_valid(): form.save(commit=True) (year, month, day) = tuple( split_date(request.POST['date'])) return redirect('agenda-events-day', year=year, month=month, day=day) else: return bad_request(request, None, 'ops_400.html')
def list_occupation_data(request): occupation = request.GET.get('occupation', '') if occupation: notificationDatas = NotificationData.objects.filter( owner__occupation=occupation) return render(request, 'pusher/participant_data.html', { "notificationDatas": notificationDatas, }) else: return bad_request(request, exception, template_name='400.html')
def update_status(request): if request.method == 'GET': return bad_request(request, "GET not allowed") post_data = dict(request.POST) newStatus = post_data['newStatus'][0] AppID = post_data['AppID'][0] if (Application.objects.filter(AppID=AppID).update(Status=newStatus)): return JsonResponse({'Status': 'SUCCESS'}) else: return JsonResponse({'Status': 'FAILED'})
def bad_request_400_custom( request, exception, template_name='core/400.html' ): return defaults.bad_request( request=request, exception=exception, template_name=template_name )
def logOutSmart(request): from django.contrib.auth import logout try: if request.user.is_superuser: return redirect('/admin') logout(request) return redirect('/') except Exception as ex: print(ex) return bad_request(request, ex)
def handler_http_400(request, template_name='400.html'): """HTTP 400 error handler that understands Accept header""" accepts = request.META.get('HTTP_ACCEPT', 'text/html') if 'application/json' in accepts: return JsonResponse(status=400, content_type='application/json', data={'error': 'bad request'}) if 'text/html' in accepts: return bad_request(request, template_name=template_name)
def get_user(request): if request.method == 'POST': d = {} user_profile = model_to_dict( UserProfile.objects.get(user=request.user)) d['picture'] = "media/" + str(user_profile['picture']) d['preferred_name'] = user_profile['preferred_name'] return JsonResponse(d, safe=False) # POST only return bad_request(request, exception)
def favorite(request): if request.method == 'POST': place = Place.objects.get(pk=request.POST['placeId']) user = User.objects.get(pk=request.user.id) favorite = Favorite.objects.get_or_create(user=user, place=place)[0] favorite.favorite = not favorite.favorite favorite.save() return JsonResponse(model_to_dict(favorite), safe=False) # POST only return bad_request(request, exception)
def new(request): """Recebe os dados de um novo evento via POST, faz a validação dos dados e aí insere na base de dados.""" form = EventForm(request.POST) if form.is_valid(): form.save(commit=True) # uso a data enviada pelo formulário para o redirecionamento. (year, month, day) = tuple(split_date(request.POST['date'])) return redirect('agenda-events-day', year=year, month=month, day=day) else: return bad_request(request, None, 'ops_400.html')
def search_by_query(request): try: query = request.GET['q'] except KeyError: return defaults.bad_request(request=request, exception=KeyError) matches = Game.objects.filter(name__search=query) matches = Game.objects.add_action(matches, request.user) context = {'query': query, 'matches': matches} return render(request, 'community/search-query.html', context=context)
def forge_3legged_callback(request): logger.message('forge_callback start !! ----------->>>') # DEBUG http.dump_request(request) #logger.message(pp.pformat(dict(request.user))) try: result = urlparse.urlparse(request.get_raw_uri()) logger.message('result.query = %s' % result.query) if result is not None: query = urlparse.parse_qs(result.query) if query: logger.message(' parsed query = %s' % query) response = forgeOA.post_3l_token( str(query['code'][0]), redirecturl=OAUTH_CALLBACK_URL) #response = forgeDM.post_3l_token(str(query['code'][0]), redirecturl=request.path) logger.message(json.dumps(response)) if response: # Save access token and expire sec to current session store dictionary. http.save_session(request, response) current_site = get_current_site(request) # Check if it's not corss origin if 'HTTP_REFERER' in request.META and current_site.domain in request.META[ 'HTTP_REFERER']: split = urlparse.urlsplit(request.META['HTTP_REFERER']) redirecturl = split.geturl() else: redirecturl = '/forge-home/' logger.message('redirect base url = %s' % redirecturl) # [MEMO] In case of first Autodesk Account login, the request has not yet session_key, # but in case of second or later login, it has already session_key. # To avoid "concatenate error", check whether session_key is exist or not. # [CAUTION] You never select Django session cookie mode, # since it doesn't work the following session_key inheritation. if request.session.session_key: return HttpResponseRedirect( '%s?key=%s' % (redirecturl, request.session.session_key)) else: return HttpResponseRedirect(redirecturl) else: return bad_request() except Exception as e: logger.warning(e.message, trace=True) return server_error(request)
def get_user(request): if request.method == "POST": return bad_request(request, "POST not allowed here") params = request.GET if (params.get('UID', -1) == -1): return JsonResponse({'Status': 'NOUID'}) context = {} context['Record'] = list(Users.objects.filter(UID=params['UID']).values()) context['Status'] = "OK" if (context['Record'] == []): context['Status'] = "NOTFOUND" return JsonResponse(context)
def handler_http_400(request, template_name='400.html'): """HTTP 400 error handler that understands Accept header""" accepts = request.META.get('HTTP_ACCEPT', 'text/html') if 'application/json' in accepts: return JsonResponse( status=400, content_type='application/json', data={'error': 'bad request'} ) if 'text/html' in accepts: return bad_request(request, template_name=template_name)
def process_view(self, request, view_func, view_args, view_kwargs): """ Checks if weebly authentication is needed and if so, allows the view only when there is an authenticated user """ request.weebly_auth = None if not RequiresWeeblyAuth.view_requires(view_func): return None request.weebly_auth = WeeblyAuthMiddleware.get_weebly_auth(request) if request.weebly_auth and request.weebly_auth.auth_token: return None return bad_request(request, None, template_name='missing_weebly_auth.html')
def test_error_pages(self): request = self.request_factory.get('/') for response, title in ( (bad_request(request, Exception()), b'Bad Request (400)'), (permission_denied(request, Exception()), b'403 Forbidden'), (page_not_found(request, Http404()), b'Not Found'), (server_error(request), b'Server Error (500)'), ): with self.subTest(title=title): self.assertIn(b'<!doctype html>', response.content) self.assertIn(b'<html lang="en">', response.content) self.assertIn(b'<head>', response.content) self.assertIn(b'<title>%s</title>' % title, response.content) self.assertIn(b'<body>', response.content)
def sso(request): """ Proceed login into discourse Code based on https://meta.discourse.org/t/sso-example-for-django/14258 """ payload = request.GET.get('sso') signature = request.GET.get('sig') try: url = generate_discourse_login_url(request.user, payload, signature) except InvalidSOOPayload as e: return bad_request(request, e) else: return HttpResponseRedirect(url)
def add_user(request): if request.method == "POST": post_data = dict(request.POST) newapp = UserForm(request.POST) #print(request.POST) if (newapp.is_valid()): newapp.save() return JsonResponse({'Status': 'OK'}) else: print(newapp.errors) return JsonResponse({'Status': 'INVINP'}) else: return bad_request(request, "GET not allowed")
def results(request): query = request.GET.get('q', None) if query is not None: query = re.sub(r'\s+',' ',query.strip()) if query == '': return redirect(reverse('search:address')+'?error=noquery') else: results = CourtSearch(query=query).get_courts() if len(results) > 0: return render(request, 'search/results.jinja', { 'query': query, 'search_results': __format_results(results) }) else: return redirect(reverse('search:address')+'?error=noresults&q='+query) else: aol = request.GET.get('aol', 'All') spoe = request.GET.get('spoe', None) postcode = request.GET.get('postcode', None) if postcode: try: courts = CourtSearch(postcode=postcode, area_of_law=aol, single_point_of_entry=spoe).get_courts() except CourtSearchInvalidPostcode as e: return redirect(reverse('search:postcode')+'?postcode='+ postcode+'&error=badpostcode') except CourtSearchClientError as e: return bad_request(request) rules = Rules.for_view(postcode, aol) view_obj = { 'aol': aol, 'spoe': spoe, 'postcode': postcode, 'search_results': __format_results(courts) } if rules: if rules['action'] == 'redirect': return redirect(reverse(rules['target'])+rules.get('params','')) elif rules['action'] == 'render': if 'in_scotland' in rules: view_obj['in_scotland'] = rules['in_scotland'] return render(request, 'search/results.jinja', view_obj) else: return redirect(reverse('search:search'))
def trend_chart_url(request, regions, from_year, to_year, chart_type, trend_type, accident_type, stat_type, scale_type): regions = regions.split(",") from_year = int(from_year) to_year = int(to_year) accident_name = get_accident_name_by_type(accident_type) stat_name = get_stat_name_by_type(stat_type) chart_name = get_chart_name_by_type(chart_type) trend_name = get_trend_name_by_type(trend_type) scale_name = get_scale_name_by_type(scale_type) if ( from_year > to_year or accident_name is None or stat_name is None or chart_name is None or trend_name is None or scale_name is None ): return bad_request(request) parameters = ( (element["regions_title"]["label"], list_to_str(regions)), (element["from_title"]["label"], from_year), (element["to_title"]["label"], to_year), (element["graph_type_title"]["label"], chart_name), (element["trend_line_title"]["label"], trend_name), (element["reason_title"]["label"], accident_name), (element["observed_title"]["label"], stat_name), (element["scale_title"]["label"], scale_name), ) return render_to_response( "trend_chart_by_url.html", { "type": "trend_chart", "title": element["title"]["label"], "chart_title": element["trend_chart_title"]["label"], "lang": "ru", "parameters_title": element["parameters_title"]["label"], "info_header": element["information_header"]["label"], "parameters": parameters, "url": request.path, }, )
def add_to_collection(request): user = get_object_or_404(RecordStoreUser, django_user_id=request.user.id) album_id = request.POST.get('album_id', None) pressing_id = request.POST.get('pressing_id', None) if album_id == None or pressing_id == None: return bad_request(request) record = { 'owner' : user.id, 'album' : album_id, 'pressing' : pressing_id, } try: form = OwnedRecordForm(record) form.save() except: return redirect(reverse('recordstore:pressing_detail', args=[pressing_id,])) else: return redirect(reverse('recordstore:view_profile', args=[]))
def bad_request(*args, **kwargs): kwargs['template_name'] = 'errors/400.html' return defaults.bad_request(*args, **kwargs)
def bad_request(request, exception, template_name='mtp_common/errors/400.html'): return defaults.bad_request(request, exception, template_name)
def results(request): query = request.GET.get('q', None) courtcode = request.GET.get('courtcode', None) if courtcode is not None: courtcode = re.sub(r'\s+',' ',courtcode.strip()) if courtcode == '': return redirect(reverse('search:courtcode')+'?error=noquery') else: results = CourtSearch(query=courtcode, courtcode_search=True).get_courts() if len(results) > 0: open_court_count = sum(1 for result in results if result.displayed) return render(request, 'search/results.jinja', { 'query': courtcode, 'courtcode_search': True, 'search_results': __format_results(results), 'open_court_count': open_court_count }) else: return redirect(reverse('search:courtcode')+'?error=noresults&q='+courtcode) elif query is not None: query = re.sub(r'\s+',' ',query.strip()) if query == '': return redirect(reverse('search:address')+'?error=noquery') else: results = CourtSearch(query=query, courtcode_search=False).get_courts() if len(results) == 1 and results[0].displayed == False: return redirect(reverse('courts:court', kwargs={'slug': results[0].slug}) + '?q=' + query) elif len(results) > 0: open_court_count = sum(1 for result in results if result.displayed) return render(request, 'search/results.jinja', { 'query': query, 'courtcode_search': False, 'search_results': __format_results(results), 'open_court_count': open_court_count }) else: return redirect(reverse('search:address')+'?error=noresults&q='+query) else: aol = request.GET.get('aol', 'All') spoe = request.GET.get('spoe', None) postcode = request.GET.get('postcode', None) if postcode: postcode = re.sub(r'[^A-Za-z0-9 ]','',postcode) try: courts = CourtSearch(postcode=postcode, area_of_law=aol, single_point_of_entry=spoe).get_courts() except CourtSearchInvalidPostcode as e: return redirect(reverse('search:postcode')+'?postcode='+ postcode+'&error=badpostcode') except CourtSearchClientError as e: return bad_request(request, e) rules = Rules.for_view(postcode, aol) view_obj = { 'aol': aol, 'spoe': spoe, 'postcode': postcode, 'search_results': __format_results(courts) } if rules: if rules['action'] == 'redirect': return redirect(reverse(rules['target'])+rules.get('params','')) elif rules['action'] == 'render': if 'in_scotland' in rules: view_obj['in_scotland'] = rules['in_scotland'] return render(request, 'search/results.jinja', view_obj) else: if postcode is not None: return redirect(reverse('search:postcode')+ '?error=nopostcode'+ '&aol='+aol+ ('&spoe='+spoe if spoe is not None else '')) else: return redirect('search:search')
def do_400(request): logger.error("Got 400 for %s", request.path) return defaults.bad_request(request)
def process_exception(self, request, exception): if isinstance(exception, InvalidRequestJsonError): print("Sending 400:", exception) return defaults.bad_request(request, exception)
def mi_error_400(request): nombre_template = '400.html' return bad_request(request, template_name=nombre_template)
def test_bad_request(self): rf = RequestFactory() request = rf.get('/') response = bad_request(request, Exception()) self.assertEqual(response.status_code, 400) self.assertEqual(response.content, b'<h1>Bad Request (400)</h1>')