Merge remote-tracking branch 'spaetz/formerge/538_FORBIDDEN_admin_pages'
* spaetz/formerge/538_FORBIDDEN_admin_pages: Fix error page text Return code 403 when accessing admin pages Implement generic error pages
This commit is contained in:
commit
e4f33f4093
@ -14,18 +14,19 @@
|
||||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from mediagoblin.tools.response import render_to_response, render_404
|
||||
from mediagoblin.db.util import DESCENDING
|
||||
from mediagoblin.decorators import require_active_login
|
||||
|
||||
from mediagoblin.tools.response import (render_to_response, render_403,
|
||||
render_404)
|
||||
|
||||
@require_active_login
|
||||
def admin_processing_panel(request):
|
||||
'''
|
||||
Show the global processing panel for this instance
|
||||
'''
|
||||
# TODO: Why not a "require_admin_login" decorator throwing a 403 exception?
|
||||
if not request.user.is_admin:
|
||||
return render_404(request)
|
||||
return render_403(request)
|
||||
|
||||
processing_entries = request.db.MediaEntry.find(
|
||||
{'state': u'processing'}).sort('created', DESCENDING)
|
||||
|
@ -17,15 +17,12 @@
|
||||
#}
|
||||
{% extends "mediagoblin/base.html" %}
|
||||
|
||||
{% block title %}404 — {{ super() }}{% endblock %}
|
||||
{% block title %}{{err_code}} — {{ super() }}{% endblock %}
|
||||
|
||||
{% block mediagoblin_content %}
|
||||
<img class="right_align" src="{{ request.staticdirect('/images/404.png') }}"
|
||||
alt="{% trans %}Image of 404 goblin stressing out{% endtrans %}" />
|
||||
<h1>{% trans %}Oops!{% endtrans %}</h1>
|
||||
<p>{% trans %}There doesn't seem to be a page at this address. Sorry!{% endtrans %}</p>
|
||||
<p>
|
||||
{%- trans %}If you're sure the address is correct, maybe the page you're looking for has been moved or deleted.{% endtrans -%}
|
||||
</p>
|
||||
alt="{% trans %}Image of goblin stressing out{% endtrans %}" />
|
||||
<h1>{{ title }}</h1>
|
||||
<p>{{ err_msg|safe }}</p>
|
||||
<div class="clear"></div>
|
||||
{% endblock %}
|
@ -16,6 +16,7 @@
|
||||
|
||||
from webob import Response, exc
|
||||
from mediagoblin.tools.template import render_template
|
||||
from mediagoblin.tools.translate import fake_ugettext_passthrough as _
|
||||
|
||||
|
||||
def render_to_response(request, template, context, status=200):
|
||||
@ -25,13 +26,33 @@ def render_to_response(request, template, context, status=200):
|
||||
status=status)
|
||||
|
||||
|
||||
def render_404(request):
|
||||
"""
|
||||
Render a 404.
|
||||
"""
|
||||
return render_to_response(
|
||||
request, 'mediagoblin/404.html', {}, status=404)
|
||||
def render_error(request, status=500, title=_('Oops!'),
|
||||
err_msg=_('An error occured')):
|
||||
"""Render any error page with a given error code, title and text body
|
||||
|
||||
Title and description are passed through as-is to allow html. Make
|
||||
sure no user input is contained therein for security reasons. The
|
||||
description will be wrapped in <p></p> tags.
|
||||
"""
|
||||
return Response(render_template(request, 'mediagoblin/error.html',
|
||||
{'err_code': status, 'title': title, 'err_msg': err_msg}),
|
||||
status=status)
|
||||
|
||||
|
||||
def render_403(request):
|
||||
"""Render a standard 403 page"""
|
||||
title = _('Operation not allowed')
|
||||
err_msg = _("Sorry Dave, I can't let you do that!</p><p>You have tried "
|
||||
" to perform a function that you are not allowed to. Have you "
|
||||
"been trying to delete all user accounts again?")
|
||||
return render_error(request, 403, title, err_msg)
|
||||
|
||||
def render_404(request):
|
||||
"""Render a standard 404 page."""
|
||||
err_msg = _("There doesn't seem to be a page at this address. Sorry!</p>"
|
||||
"<p>If you're sure the address is correct, maybe the page "
|
||||
"you're looking for has been moved or deleted.")
|
||||
return render_error(request, 404, err_msg=err_msg)
|
||||
|
||||
def redirect(request, *args, **kwargs):
|
||||
"""Returns a HTTPFound(), takes a request and then urlgen params"""
|
||||
|
Loading…
x
Reference in New Issue
Block a user