From 6b5f1ca79b42b977ea5f436ac7ab329fd2da1b6b Mon Sep 17 00:00:00 2001
From: Sebastian Spaeth <Sebastian@SSpaeth.de>
Date: Thu, 29 Nov 2012 08:57:12 +0100
Subject: [PATCH 1/3] Implement generic error pages

Rather than having a 404.html, a 403.html, a 500.html,...
we have a generic error.html template that we pass in an
error code, a title and a (html'ish) error message.

Implement the common render_404 and render_403 shortcuts. More exotic
cases can be achieved by the generic render_error function.

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
---
 .../mediagoblin/{404.html => error.html}      | 11 +++----
 mediagoblin/tools/response.py                 | 33 +++++++++++++++----
 2 files changed, 31 insertions(+), 13 deletions(-)
 rename mediagoblin/templates/mediagoblin/{404.html => error.html} (70%)

diff --git a/mediagoblin/templates/mediagoblin/404.html b/mediagoblin/templates/mediagoblin/error.html
similarity index 70%
rename from mediagoblin/templates/mediagoblin/404.html
rename to mediagoblin/templates/mediagoblin/error.html
index c0fe8b62..c16b650f 100644
--- a/mediagoblin/templates/mediagoblin/404.html
+++ b/mediagoblin/templates/mediagoblin/error.html
@@ -17,15 +17,12 @@
 #}
 {% extends "mediagoblin/base.html" %}
 
-{% block title %}404 &mdash; {{ super() }}{% endblock %}
+{% block title %}{{err_code}} &mdash; {{ super() }}{% endblock %}
 
 {% block mediagoblin_content %}
   <img class="right_align" src="{{ request.staticdirect('/images/404.png') }}"
-       alt="{% trans %}Image of 404 goblin stressing out{% endtrans %}" />
-  <h1>{% trans %}Oops!{% endtrans %}</h1>
-  <p>{% trans %}There doesn't seem to be a page at this address. Sorry!{% endtrans %}</p>
-  <p>
-    {%- trans %}If you're sure the address is correct, maybe the page you're looking for has been moved or deleted.{% endtrans -%}
-  </p>
+       alt="{% trans %}Image of goblin stressing out{% endtrans %}" />
+  <h1>{{ title }}</h1>
+  <p>{{ err_msg|safe }}</p>
   <div class="clear"></div>
 {% endblock %}
diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py
index a54c32fb..a77f68b9 100644
--- a/mediagoblin/tools/response.py
+++ b/mediagoblin/tools/response.py
@@ -16,6 +16,7 @@
 
 from webob import Response, exc
 from mediagoblin.tools.template import render_template
+from mediagoblin.tools.translate import fake_ugettext_passthrough as _
 
 
 def render_to_response(request, template, context, status=200):
@@ -25,13 +26,33 @@ def render_to_response(request, template, context, status=200):
         status=status)
 
 
-def render_404(request):
-    """
-    Render a 404.
-    """
-    return render_to_response(
-        request, 'mediagoblin/404.html', {}, status=404)
+def render_error(request, status=500, title=_('Oops!'),
+                 err_msg=_('An error occured')):
+    """Render any error page with a given error code, title and text body
 
+    Title and description are passed through as-is to allow html. Make
+    sure no user input is contained therein for security reasons. The
+    description will be wrapped in a <p> tag.
+    """
+    return Response(render_template(request, 'mediagoblin/error.html',
+        {'err_code': status, 'title': title, 'err_msg': err_msg}),
+        status=status)
+
+
+def render_403(request):
+    """Render a standard 403 page"""
+    title = _('Operation not allowed')
+    err_msg = _("Sorry Dave, I can't let you do that!</p><p>You have tried "
+                " to perform a function that you are not allowed to. Have you "
+                "been trying to delete all user accounts again?")
+    return render_error(request, 403, title, err_msg)
+
+def render_404(request):
+    """Render a standard 404 page."""
+    err_msg = _("<p>There doesn't seem to be a page at this address. Sorry!</p>"
+                "<p>If you're sure the address is correct, maybe the page "
+                "you're looking for has been moved or deleted.")
+    return render_error(request, 404, err_msg=err_msg)
 
 def redirect(request, *args, **kwargs):
     """Returns a HTTPFound(), takes a request and then urlgen params"""

From 60de3209b923db71fc126bca4c34e0bf34752726 Mon Sep 17 00:00:00 2001
From: Sebastian Spaeth <Sebastian@SSpaeth.de>
Date: Thu, 15 Nov 2012 15:41:06 +0100
Subject: [PATCH 2/3] Return code 403 when accessing admin pages

without being an admin. Previously we were just returning a 404 page
and this confused the heck out of me, as I did not understand why the
admin pages were not there at all (I was no admin).

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
---
 mediagoblin/admin/views.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/mediagoblin/admin/views.py b/mediagoblin/admin/views.py
index e6a3eac3..9c14c55c 100644
--- a/mediagoblin/admin/views.py
+++ b/mediagoblin/admin/views.py
@@ -14,18 +14,19 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-from mediagoblin.tools.response import render_to_response, render_404
 from mediagoblin.db.util import DESCENDING
 from mediagoblin.decorators import require_active_login
-
+from mediagoblin.tools.response import (render_to_response, render_403,
+                                        render_404)
 
 @require_active_login
 def admin_processing_panel(request):
     '''
     Show the global processing panel for this instance
     '''
+    # TODO: Why not a "require_admin_login" decorator throwing a 403 exception?
     if not request.user.is_admin:
-        return render_404(request)
+        return render_403(request)
 
     processing_entries = request.db.MediaEntry.find(
         {'state': u'processing'}).sort('created', DESCENDING)

From 26c71029b44d4384020b2f928fb18f59b1d1356b Mon Sep 17 00:00:00 2001
From: Sebastian Spaeth <Sebastian@SSpaeth.de>
Date: Thu, 29 Nov 2012 14:51:24 +0100
Subject: [PATCH 3/3] Fix error page text

Thanks to Elrond for noticing. We wrap error messages in <p> tags,
so there is no need to start the error message with <p>. DOH

Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de>
---
 mediagoblin/tools/response.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mediagoblin/tools/response.py b/mediagoblin/tools/response.py
index a77f68b9..6d14b8b7 100644
--- a/mediagoblin/tools/response.py
+++ b/mediagoblin/tools/response.py
@@ -32,7 +32,7 @@ def render_error(request, status=500, title=_('Oops!'),
 
     Title and description are passed through as-is to allow html. Make
     sure no user input is contained therein for security reasons. The
-    description will be wrapped in a <p> tag.
+    description will be wrapped in <p></p> tags.
     """
     return Response(render_template(request, 'mediagoblin/error.html',
         {'err_code': status, 'title': title, 'err_msg': err_msg}),
@@ -49,7 +49,7 @@ def render_403(request):
 
 def render_404(request):
     """Render a standard 404 page."""
-    err_msg = _("<p>There doesn't seem to be a page at this address. Sorry!</p>"
+    err_msg = _("There doesn't seem to be a page at this address. Sorry!</p>"
                 "<p>If you're sure the address is correct, maybe the page "
                 "you're looking for has been moved or deleted.")
     return render_error(request, 404, err_msg=err_msg)