include user info in 403

author: Leif Johansson <leifj@sunet.se> 2011-08-07 14:33:53 +0200
committer: Leif Johansson <leifj@sunet.se> 2011-08-07 14:33:53 +0200
commit: 63ec9216a9d85c80499fef9e0d9682d09ffa2875 (patch)
tree: 6b55ca59f2f5d23c2665a3dcde5f19448826ee98
parent: dfe5e1b74f066b2a1d1f94d02555617707cec432 (diff)
6 files changed, 15 insertions, 15 deletions
diff --git a/coip/apps/invitation/views.py b/coip/apps/invitation/views.py
index e4cb360..542728b 100644
--- a/coip/apps/invitation/views.py
+++ b/coip/apps/invitation/views.py
@@ -19,7 +19,7 @@ def invite(request,id):
     name = get_object_or_404(Name,pk=id)
     
     if not name.has_permission(request.user,'i'):
-        return render403('You are not allowed to invite users to '+name)
+        return render403(request,'You are not allowed to invite users to '+name)
     
     user = request.user
     if request.method == 'POST':
@@ -55,7 +55,7 @@ def cancel(request,id):
     name = invitation.name
     
     if not name.has_permission(request.user,'w'):
-        return render403('You are not allowed to cancel pending invitations to %s' % (name))
+        return render403(request,'You are not allowed to cancel pending invitations to %s' % (name))
     
     invitation.delete()
     return HttpResponseRedirect("/name/id/%d" % (name.id))
diff --git a/coip/apps/link/views.py b/coip/apps/link/views.py
index 22c2312..debc78d 100644
--- a/coip/apps/link/views.py
+++ b/coip/apps/link/views.py
@@ -16,7 +16,7 @@ import re
 def add(request,id):
     name = get_object_or_404(Name,pk=id)
     if not name.has_permission(request.user,'w'):
-        return render403("You do not have permission to add a link on %s" % (name))
+        return render403(request,"You do not have permission to add a link on %s" % (name))
     
     if request.method == 'POST':
         link = Link(tag='related',name=name)
@@ -37,7 +37,7 @@ def remove(request,id):
     link = get_object_or_404(Link,pk=id)
     name = link.name
     if not name.has_permission(request.user,'w'):
-        return render403("You do not have permission to remove a link on %s" % (name))
+        return render403(request,"You do not have permission to remove a link on %s" % (name))
     
     link.delete()
     
diff --git a/coip/apps/membership/views.py b/coip/apps/membership/views.py
index 10a2b7b..176f750 100644
--- a/coip/apps/membership/views.py
+++ b/coip/apps/membership/views.py
@@ -21,7 +21,7 @@ def show(request,id):
     membership = get_object_or_404(Membership,pk=id)
     name = membership.name
     if not name.has_permission(request.user,'r'):
-        return render403("You do not have permission to view membership information for %s" % (name))
+        return render403(request,"You do not have permission to view membership information for %s" % (name))
     
     return respond_to(request,
                       {'text/html': 'apps/membership/membership.html'}, 
@@ -83,7 +83,7 @@ def import_metadata():
 def join(request,id,membername=None):
     name = get_object_or_404(Name,pk=id)
     if not name.has_permission(request.user,'i'):
-        return render403("You do not have permission to add members to %s" % (name))
+        return render403(request,"You do not have permission to add members to %s" % (name))
     
     if request.method == "POST":
         m = Membership(name=name,enabled=True)
diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py
index 7be7501..b50526c 100644
--- a/coip/apps/name/views.py
+++ b/coip/apps/name/views.py
@@ -22,7 +22,7 @@ def delete(request,id):
     name = get_object_or_404(Name,pk=id)
     
     if not name.has_permission(request.user,'d'):
-        return render403()
+        return render403(request)
     
     if request.method == 'POST':
         form = NameDeleteForm(request.POST)
@@ -96,7 +96,7 @@ def lsacl(request,id,type=NameLink.access_control):
     name = get_object_or_404(Name,pk=id)
     
     if not name.has_permission(request.user,'a'):
-        return render403("You do not have permission to list permissions on %s" % (name))
+        return render403(request,"You do not have permission to list permissions on %s" % (name))
 
     return respond_to(request,
                       {'text/html': 'apps/name/acls.html'},
@@ -107,7 +107,7 @@ def addacl(request,id,type=NameLink.access_control):
     name = get_object_or_404(Name,pk=id)
     
     if not name.has_permission(request.user,'a'):
-        return render403("You do not have permission to change permissions on %s" % (name))
+        return render403(request,"You do not have permission to change permissions on %s" % (name))
     
     if request.method == 'POST':
         form = PermissionForm(request.POST)
@@ -133,7 +133,7 @@ def addacl(request,id,type=NameLink.access_control):
 def links(request,id,type=NameLink.access_control):
     name = get_object_or_404(Name,pk=id)
     if not name.has_permission(request.user,'r'):
-        return render403("You do not have permission to list name links from %s" % (name))
+        return render403(request,"You do not have permission to list name links from %s" % (name))
     
     links = name.links.filter(type=type).all
     return respond_to(request,{'text/html': 'apps/name/links.html',
@@ -147,7 +147,7 @@ def rmacl(request,id,aclid):
     name = link.src
     type = link.type
     if not name.has_permission(request.user,'w'):
-        return render403("You do not have permission to remove name links from %s" % (name))
+        return render403(request,"You do not have permission to remove name links from %s" % (name))
     
     link.delete()
     return HttpResponseRedirect("/name/%d/acl/%s" % (name.id,type))
@@ -164,7 +164,7 @@ def show(request,name):
         raise Http404()
     
     if not name.has_permission(request.user,'r'):
-        return render403("You are not allowed to look at that group.")
+        return render403(request,"You are not allowed to look at that group.")
     
     memberships = None
     invitations = None
diff --git a/coip/apps/tag/views.py b/coip/apps/tag/views.py
index b80c438..7f10871 100644
--- a/coip/apps/tag/views.py
+++ b/coip/apps/tag/views.py
@@ -21,7 +21,7 @@ def modify(request, type, id):
         return HttpResponseNotFound()
     
     if not name.has_permission(request.user,'w'):
-        return render403("You do not have permission to modify roles on members of %s" % (name))
+        return render403(request,"You do not have permission to modify roles on members of %s" % (name))
     
     if request.method == 'POST':
         to_tags = request.POST.getlist('tags[]')
diff --git a/templates/403.html b/templates/403.html
index 00b94f1..83c872b 100644
--- a/templates/403.html
+++ b/templates/403.html
@@ -1,7 +1,7 @@
-{% extends "base.html" %}
+{% extends "tree.html" %}
 {% block headline %}Permission denied{% endblock %}
 {% block title %}COIP{% endblock %}
-{% block main %}
+{% block content %}
 <div class="ui-state-error ui-corner-all" style="padding: 0 .7em;"> 
 <p><span class="ui-icon ui-icon-alert" style="float: left; margin-right: .3em;"></span>{{message}}</p>
 </div>
author	Leif Johansson <leifj@sunet.se>	2011-08-07 14:33:53 +0200
committer	Leif Johansson <leifj@sunet.se>	2011-08-07 14:33:53 +0200
commit	63ec9216a9d85c80499fef9e0d9682d09ffa2875 (patch)
tree	6b55ca59f2f5d23c2665a3dcde5f19448826ee98
parent	dfe5e1b74f066b2a1d1f94d02555617707cec432 (diff)