core: add generic error view

This commit is contained in:
Jens Langhammer 2018-12-11 15:29:58 +01:00
parent d77bbd2120
commit 26618afb5a
4 changed files with 52 additions and 5 deletions

View File

@ -0,0 +1,31 @@
{% extends 'login/base.html' %}
{% load static %}
{% load i18n %}
{% load utils %}
{% block head %}
{{ block.super }}
<style>
.pf-icon {
font-size: 48px;
text-align: center;
}
</style>
{% endblock %}
{% block card %}
<header class="login-pf-header">
<h1>{% trans title %}</h1>
</header>
{% include 'partials/messages.html' %}
<form method="POST">
{% csrf_token %}
{% include 'partials/form_login.html' %}
<span class="pf-icon pficon-error-circle-o btn-block"></span>
Access denied
{% if 'back' in request.GET %}
<a href="{% back %}" class="btn btn-primary btn-block btn-lg">{% trans 'Back' %}</a>
{% endif %}
</form>
{% endblock %}

View File

@ -20,3 +20,14 @@ class LoadingView(TemplateView):
kwargs['title'] = self.title kwargs['title'] = self.title
kwargs['target_url'] = self.get_url() kwargs['target_url'] = self.get_url()
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class PermissionDeniedView(TemplateView):
"""Generic Permission denied view"""
template_name = 'login/denied.html'
title = _('Permission denied.')
def get_context_data(self, **kwargs):
kwargs['is_login'] = True
kwargs['title'] = self.title
return super().get_context_data(**kwargs)

View File

@ -10,6 +10,8 @@ urlpatterns = [
name="oauth2-authorize"), name="oauth2-authorize"),
path('authorize/permission_ok/', oauth2.PassbookAuthorizationView.as_view(), path('authorize/permission_ok/', oauth2.PassbookAuthorizationView.as_view(),
name="oauth2-ok-authorize"), name="oauth2-ok-authorize"),
path('authorize/permission_denied/', oauth2.OAuthPermissionDenied.as_view(),
name='oauth2-permission-denied'),
# OAuth API # OAuth API
path('', include('oauth2_provider.urls', namespace='oauth2_provider')), path('', include('oauth2_provider.urls', namespace='oauth2_provider')),
] ]

View File

@ -2,13 +2,12 @@
from logging import getLogger from logging import getLogger
from urllib.parse import urlencode from urllib.parse import urlencode
from django.http import Http404 from django.shortcuts import get_object_or_404, redirect, reverse
from django.shortcuts import get_object_or_404, reverse
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from oauth2_provider.views.base import AuthorizationView from oauth2_provider.views.base import AuthorizationView
from passbook.core.views.access import AccessMixin from passbook.core.views.access import AccessMixin
from passbook.core.views.utils import LoadingView from passbook.core.views.utils import LoadingView, PermissionDeniedView
from passbook.oauth_provider.models import OAuth2Provider from passbook.oauth_provider.models import OAuth2Provider
LOGGER = getLogger(__name__) LOGGER = getLogger(__name__)
@ -23,6 +22,11 @@ class PassbookAuthorizationLoadingView(LoadingView):
querystring = urlencode(self.request.GET) querystring = urlencode(self.request.GET)
return reverse('passbook_oauth_provider:oauth2-ok-authorize')+'?'+querystring return reverse('passbook_oauth_provider:oauth2-ok-authorize')+'?'+querystring
class OAuthPermissionDenied(PermissionDeniedView):
"""Show permission denied view"""
class PassbookAuthorizationView(AccessMixin, AuthorizationView): class PassbookAuthorizationView(AccessMixin, AuthorizationView):
"""Custom OAuth2 Authorization View which checks rules, etc""" """Custom OAuth2 Authorization View which checks rules, etc"""
@ -40,8 +44,7 @@ class PassbookAuthorizationView(AccessMixin, AuthorizationView):
self._application = application self._application = application
# Check permissions # Check permissions
if not self.user_has_access(self._application, request.user): if not self.user_has_access(self._application, request.user):
# TODO: Create a general error class for access denied return redirect(reverse('passbook_oauth_provider:oauth2-permission-denied'))
raise Http404
actual_response = super().dispatch(request, *args, **kwargs) actual_response = super().dispatch(request, *args, **kwargs)
if actual_response.status_code == 400: if actual_response.status_code == 400:
LOGGER.debug(request.GET.get('redirect_uri')) LOGGER.debug(request.GET.get('redirect_uri'))