diff options
author | Leif Johansson <leifj@sunet.se> | 2011-08-07 14:33:53 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-08-07 14:33:53 +0200 |
commit | 63ec9216a9d85c80499fef9e0d9682d09ffa2875 (patch) | |
tree | 6b55ca59f2f5d23c2665a3dcde5f19448826ee98 | |
parent | dfe5e1b74f066b2a1d1f94d02555617707cec432 (diff) |
include user info in 403
-rw-r--r-- | coip/apps/invitation/views.py | 4 | ||||
-rw-r--r-- | coip/apps/link/views.py | 4 | ||||
-rw-r--r-- | coip/apps/membership/views.py | 4 | ||||
-rw-r--r-- | coip/apps/name/views.py | 12 | ||||
-rw-r--r-- | coip/apps/tag/views.py | 2 | ||||
-rw-r--r-- | templates/403.html | 4 |
6 files changed, 15 insertions, 15 deletions
diff --git a/coip/apps/invitation/views.py b/coip/apps/invitation/views.py index e4cb360..542728b 100644 --- a/coip/apps/invitation/views.py +++ b/coip/apps/invitation/views.py @@ -19,7 +19,7 @@ def invite(request,id): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'i'): - return render403('You are not allowed to invite users to '+name) + return render403(request,'You are not allowed to invite users to '+name) user = request.user if request.method == 'POST': @@ -55,7 +55,7 @@ def cancel(request,id): name = invitation.name if not name.has_permission(request.user,'w'): - return render403('You are not allowed to cancel pending invitations to %s' % (name)) + return render403(request,'You are not allowed to cancel pending invitations to %s' % (name)) invitation.delete() return HttpResponseRedirect("/name/id/%d" % (name.id)) diff --git a/coip/apps/link/views.py b/coip/apps/link/views.py index 22c2312..debc78d 100644 --- a/coip/apps/link/views.py +++ b/coip/apps/link/views.py @@ -16,7 +16,7 @@ import re def add(request,id): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'w'): - return render403("You do not have permission to add a link on %s" % (name)) + return render403(request,"You do not have permission to add a link on %s" % (name)) if request.method == 'POST': link = Link(tag='related',name=name) @@ -37,7 +37,7 @@ def remove(request,id): link = get_object_or_404(Link,pk=id) name = link.name if not name.has_permission(request.user,'w'): - return render403("You do not have permission to remove a link on %s" % (name)) + return render403(request,"You do not have permission to remove a link on %s" % (name)) link.delete() diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py index 10a2b7b..176f750 100644 --- a/coip/apps/membership/views.py +++ b/coip/apps/membership/views.py @@ -21,7 +21,7 @@ def show(request,id): membership = get_object_or_404(Membership,pk=id) name = membership.name if not name.has_permission(request.user,'r'): - return render403("You do not have permission to view membership information for %s" % (name)) + return render403(request,"You do not have permission to view membership information for %s" % (name)) return respond_to(request, {'text/html': 'apps/membership/membership.html'}, @@ -83,7 +83,7 @@ def import_metadata(): def join(request,id,membername=None): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'i'): - return render403("You do not have permission to add members to %s" % (name)) + return render403(request,"You do not have permission to add members to %s" % (name)) if request.method == "POST": m = Membership(name=name,enabled=True) diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py index 7be7501..b50526c 100644 --- a/coip/apps/name/views.py +++ b/coip/apps/name/views.py @@ -22,7 +22,7 @@ def delete(request,id): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'d'): - return render403() + return render403(request) if request.method == 'POST': form = NameDeleteForm(request.POST) @@ -96,7 +96,7 @@ def lsacl(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'a'): - return render403("You do not have permission to list permissions on %s" % (name)) + return render403(request,"You do not have permission to list permissions on %s" % (name)) return respond_to(request, {'text/html': 'apps/name/acls.html'}, @@ -107,7 +107,7 @@ def addacl(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'a'): - return render403("You do not have permission to change permissions on %s" % (name)) + return render403(request,"You do not have permission to change permissions on %s" % (name)) if request.method == 'POST': form = PermissionForm(request.POST) @@ -133,7 +133,7 @@ def addacl(request,id,type=NameLink.access_control): def links(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) if not name.has_permission(request.user,'r'): - return render403("You do not have permission to list name links from %s" % (name)) + return render403(request,"You do not have permission to list name links from %s" % (name)) links = name.links.filter(type=type).all return respond_to(request,{'text/html': 'apps/name/links.html', @@ -147,7 +147,7 @@ def rmacl(request,id,aclid): name = link.src type = link.type if not name.has_permission(request.user,'w'): - return render403("You do not have permission to remove name links from %s" % (name)) + return render403(request,"You do not have permission to remove name links from %s" % (name)) link.delete() return HttpResponseRedirect("/name/%d/acl/%s" % (name.id,type)) @@ -164,7 +164,7 @@ def show(request,name): raise Http404() if not name.has_permission(request.user,'r'): - return render403("You are not allowed to look at that group.") + return render403(request,"You are not allowed to look at that group.") memberships = None invitations = None diff --git a/coip/apps/tag/views.py b/coip/apps/tag/views.py index b80c438..7f10871 100644 --- a/coip/apps/tag/views.py +++ b/coip/apps/tag/views.py @@ -21,7 +21,7 @@ def modify(request, type, id): return HttpResponseNotFound() if not name.has_permission(request.user,'w'): - return render403("You do not have permission to modify roles on members of %s" % (name)) + return render403(request,"You do not have permission to modify roles on members of %s" % (name)) if request.method == 'POST': to_tags = request.POST.getlist('tags[]') diff --git a/templates/403.html b/templates/403.html index 00b94f1..83c872b 100644 --- a/templates/403.html +++ b/templates/403.html @@ -1,7 +1,7 @@ -{% extends "base.html" %} +{% extends "tree.html" %} {% block headline %}Permission denied{% endblock %} {% block title %}COIP{% endblock %} -{% block main %} +{% block content %} <div class="ui-state-error ui-corner-all" style="padding: 0 .7em;"> <p><span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span>{{message}}</p> </div> |