from pgweb.util.contexts import render_pgweb
from pgweb.util.misc import send_template_mail, generate_random_token, get_client_ip
-from pgweb.util.helpers import HttpServerError
+from pgweb.util.helpers import HttpSimpleResponse
from pgweb.news.models import NewsArticle
from pgweb.events.models import Event
if request.user.password == OAUTH_PASSWORD_STORE:
# Link shouldn't exist in this case, so just throw an unfriendly
# error message.
- return HttpServerError(request, "This account cannot change email address as it's connected to a third party login site.")
+ return HttpSimpleResponse(request, "Account error", "This account cannot change email address as it's connected to a third party login site.")
if request.method == 'POST':
form = ChangeEmailForm(request.user, data=request.POST)
if request.user.password == OAUTH_PASSWORD_STORE:
# Link shouldn't exist in this case, so just throw an unfriendly
# error message.
- return HttpServerError(request, "This account cannot change email address as it's connected to a third party login site.")
+ return HttpSimpleResponse(request, "Account error", "This account cannot change email address as it's connected to a third party login site.")
if token:
# Valid token find, so change the email address
def changepwd(request):
if hasattr(request.user, 'password') and request.user.password == OAUTH_PASSWORD_STORE:
- return HttpServerError(request, "This account cannot change password as it's connected to a third party login site.")
+ return HttpSimpleResponse(request, "Account error", "This account cannot change password as it's connected to a third party login site.")
log.info("Initiating password change from {0}".format(get_client_ip(request)))
return authviews.PasswordChangeView.as_view(template_name='account/password_change.html',
try:
u = User.objects.get(email__iexact=request.POST['email'])
if u.password == OAUTH_PASSWORD_STORE:
- return HttpServerError(request, "This account cannot change password as it's connected to a third party login site.")
+ return HttpSimpleResponse(request, "Account error", "This account cannot change password as it's connected to a third party login site.")
except User.DoesNotExist:
log.info("Attempting to reset password of {0}, user not found".format(request.POST['email']))
return HttpResponseRedirect('/account/reset/done/')
@frame_sources('https://www.google.com/')
def signup(request):
if request.user.is_authenticated:
- return HttpServerError(request, "You must log out before you can sign up for a new account")
+ return HttpSimpleResponse(request, "Account error", "You must log out before you can sign up for a new account")
if request.method == 'POST':
# Attempt to create user then, eh?
if 'oauth_email' not in request.session \
or 'oauth_firstname' not in request.session \
or 'oauth_lastname' not in request.session:
- return HttpServerError(request, 'Invalid redirect received')
+ return HttpSimpleResponse(request, "OAuth error", 'Invalid redirect received')
if request.method == 'POST':
# Second stage, so create the account. But verify that the
from django.shortcuts import render, get_object_or_404
from django.http import HttpResponse, Http404, HttpResponseRedirect
from django.http import HttpResponseNotModified
+from django.core.exceptions import PermissionDenied
from django.template import TemplateDoesNotExist, loader
from django.contrib.auth.decorators import user_passes_test
from pgweb.util.decorators import login_required
from pgweb.util.decorators import cache, nocache
from pgweb.util.contexts import render_pgweb, get_nav_menu, PGWebContextProcessor
-from pgweb.util.helpers import simple_form, PgXmlHelper, HttpServerError
+from pgweb.util.helpers import simple_form, PgXmlHelper
from pgweb.util.moderation import get_all_pending_moderations
from pgweb.util.misc import get_client_ip, varnish_purge, varnish_purge_expr, varnish_purge_xkey
from pgweb.util.sitestruct import get_all_pages_struct
@csrf_exempt
def api_varnish_purge(request):
if not request.META['REMOTE_ADDR'] in settings.VARNISH_PURGERS:
- return HttpServerError(request, "Invalid client address")
+ raise PermissionDenied("Invalid client address")
if request.method != 'POST':
- return HttpServerError(request, "Can't use this way")
+ raise PermissionDenied("Can't use this way")
n = int(request.POST['n'])
curs = connection.cursor()
for i in range(0, n):
from django.shortcuts import render, get_object_or_404
from django.http import HttpResponse, Http404, HttpResponseRedirect
+from django.core.exceptions import PermissionDenied
from pgweb.util.decorators import login_required
from django.views.decorators.csrf import csrf_exempt
from django.conf import settings
@csrf_exempt
def uploadftp(request):
if request.method != 'PUT':
- return HttpServerError(request, "Invalid method")
+ raise PermissionDenied("Invalid method")
if not request.META['REMOTE_ADDR'] in settings.FTP_MASTERS:
- return HttpServerError(request, "Invalid client address")
+ raise PermissionDenied("Invalid client address")
# We have the data in request.body. Attempt to load it as
# a pickle to make sure it's properly formatted
pickle.loads(request.body)
@csrf_exempt
def uploadyum(request):
if request.method != 'PUT':
- return HttpServerError(request, "Invalid method")
+ raise PermissionDenied("Invalid method")
if not request.META['REMOTE_ADDR'] in settings.FTP_MASTERS:
- return HttpServerError(request, "Invalid client address")
+ raise PermissionDenied("Invalid client address")
# We have the data in request.body. Attempt to load it as
# json to ensure correct format.
json.loads(request.body.decode('utf8'))
from pgweb.util.contexts import render_pgweb
from pgweb.util.misc import get_client_ip, varnish_purge
-from pgweb.util.helpers import HttpServerError
+from pgweb.util.helpers import HttpSimpleResponse
from .models import Survey, SurveyAnswer, SurveyLock
try:
ansnum = int(request.POST['answer'])
if ansnum < 1 or ansnum > 8:
- return HttpServerError(request, "Invalid answer")
+ return HttpSimpleResponse(request, "Response error", "Invalid answer")
except Exception as e:
# When no answer is given, redirect to results instead
return HttpResponseRedirect("/community/survey/%s-%s" % (surv.id, slugify(surv.question)))
# Check if we are locked
lock = SurveyLock.objects.filter(ipaddr=addr)
if len(lock) > 0:
- return HttpServerError(request, "Too many requests from your IP in the past 15 minutes")
+ return HttpSimpleResponse(request, "Rate limited", "Too many requests from your IP in the past 15 minutes")
# Generate a new lock item, and store it
lock = SurveyLock(ipaddr=addr)
return r
+def HttpSimpleResponse(request, title, msg):
+ return render(request, 'simple.html', {
+ 'title': title,
+ 'message': msg,
+ })
+
+
class PgXmlHelper(django.utils.xmlutils.SimplerXMLGenerator):
def __init__(self, outstream, skipempty=False):
django.utils.xmlutils.SimplerXMLGenerator.__init__(self, outstream, 'utf-8')
--- /dev/null
+{%extends "base/page.html"%}
+{%block title%}{{title}}{%endblock%}
+{%block contents%}
+<h1>{{title}}</h1>
+<p>
+{{message}}
+</p>
+{%endblock%}
projects / pgweb.git / commitdiff