From 957344922b60461f4449d8af93bd6ba2255414cf Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sat, 25 Apr 2020 19:29:18 +0200 Subject: [PATCH] Custom error pages --- apps/permission/signals.py | 15 ++++- apps/wei/views.py | 2 +- locale/de/LC_MESSAGES/django.po | 71 ++++++++++++++++++++++- locale/fr/LC_MESSAGES/django.po | 86 +++++++++++++++++++++++++++- note_kfet/settings/development.py | 4 -- note_kfet/settings/production.py | 3 - note_kfet/urls.py | 9 +++ templates/400.html | 8 +++ templates/403.html | 13 +++++ templates/404.html | 13 +++++ templates/500.html | 8 +++ templates/scripts/mail-error500.html | 2 + templates/scripts/mail-error500.txt | 7 +++ 13 files changed, 228 insertions(+), 13 deletions(-) create mode 100644 templates/400.html create mode 100644 templates/403.html create mode 100644 templates/404.html create mode 100644 templates/500.html create mode 100644 templates/scripts/mail-error500.html create mode 100644 templates/scripts/mail-error500.txt diff --git a/apps/permission/signals.py b/apps/permission/signals.py index bf54b72f..cac0a8a0 100644 --- a/apps/permission/signals.py +++ b/apps/permission/signals.py @@ -2,6 +2,7 @@ # SPDX-License-Identifier: GPL-3.0-or-later from django.core.exceptions import PermissionDenied +from django.utils.translation import gettext_lazy as _ from note_kfet.middlewares import get_current_authenticated_user from permission.backends import PermissionBackend @@ -57,13 +58,19 @@ def pre_save_object(sender, instance, **kwargs): if old_value == new_value: continue if not PermissionBackend.check_perm(user, app_label + ".change_" + model_name + "_" + field_name, instance): - raise PermissionDenied + raise PermissionDenied( + _("You don't have the permission to change the field {field} on this instance of model" + " {app_label}.{model_name}.") + .format(field=field_name, app_label=app_label, model_name=model_name, ) + ) else: # We check if the user has right to add the object has_perm = PermissionBackend.check_perm(user, app_label + ".add_" + model_name, instance) if not has_perm: - raise PermissionDenied + raise PermissionDenied( + _("You don't have the permission to add this instance of model {app_label}.{model_name}.") + .format(app_label=app_label, model_name=model_name, )) def pre_delete_object(instance, **kwargs): @@ -88,4 +95,6 @@ def pre_delete_object(instance, **kwargs): # We check if the user has rights to delete the object if not PermissionBackend.check_perm(user, app_label + ".delete_" + model_name, instance): - raise PermissionDenied + raise PermissionDenied( + _("You don't have the permission to delete this instance of model {app_label}.{model_name}.") + .format(app_label=app_label, model_name=model_name)) diff --git a/apps/wei/views.py b/apps/wei/views.py index ca596053..b35e27be 100644 --- a/apps/wei/views.py +++ b/apps/wei/views.py @@ -661,7 +661,7 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete return redirect(reverse_lazy('wei:wei_closed', args=(wei.pk,))) if not PermissionBackend.check_perm(self.request.user, "wei.delete_weiregistration", object): - raise PermissionDenied + raise PermissionDenied(_("You don't have the right to delete this WEI registration.")) return super().dispatch(request, *args, **kwargs) diff --git a/locale/de/LC_MESSAGES/django.po b/locale/de/LC_MESSAGES/django.po index de84718f..4a42dca7 100644 --- a/locale/de/LC_MESSAGES/django.po +++ b/locale/de/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2020-04-25 15:52+0200\n" +"POT-Creation-Date: 2020-04-25 19:12+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -868,6 +868,27 @@ msgstr "" msgid "role permissions" msgstr "" +#: apps/permission/signals.py:62 +#, python-brace-format +msgid "" +"You don't have the permission to change the field {field} on this instance " +"of model {app_label}.{model_name}." +msgstr "" + +#: apps/permission/signals.py:72 +#, python-brace-format +msgid "" +"You don't have the permission to add this instance of model {app_label}." +"{model_name}." +msgstr "" + +#: apps/permission/signals.py:100 +#, python-brace-format +msgid "" +"You don't have the permission to delete this instance of model {app_label}." +"{model_name}." +msgstr "" + #: apps/registration/apps.py:10 msgid "registration" msgstr "" @@ -1353,6 +1374,10 @@ msgstr "" msgid "You already opened an account in the Société générale." msgstr "" +#: apps/wei/views.py:664 +msgid "You don't have the right to delete this WEI registration." +msgstr "" + #: apps/wei/views.py:763 msgid "This user didn't give her/his caution check." msgstr "" @@ -1375,6 +1400,50 @@ msgstr "" msgid "French" msgstr "" +#: templates/400.html:6 +msgid "Bad request" +msgstr "" + +#: templates/400.html:7 +msgid "" +"Sorry, your request was bad. Don't know what could be wrong. An email has " +"been sent to webmasters with the details of the error. You can now drink a " +"coke." +msgstr "" + +#: templates/403.html:6 +msgid "Permission denied" +msgstr "" + +#: templates/403.html:7 +msgid "You don't have the right to perform this request." +msgstr "" + +#: templates/403.html:10 templates/404.html:10 +msgid "Exception message:" +msgstr "" + +#: templates/404.html:6 +msgid "Page not found" +msgstr "" + +#: templates/404.html:7 +#, python-format +msgid "" +"The requested path %(request_path)s was not found on the server." +msgstr "" + +#: templates/500.html:6 +msgid "Server error" +msgstr "" + +#: templates/500.html:7 +msgid "" +"Sorry, an error occurred when processing your request. An email has been " +"sent to webmasters with the detail of the error, and this will be fixed " +"soon. You can now drink a beer." +msgstr "" + #: templates/activity/activity_detail.html:29 msgid "creater" msgstr "" diff --git a/locale/fr/LC_MESSAGES/django.po b/locale/fr/LC_MESSAGES/django.po index af56309d..339a3ab2 100644 --- a/locale/fr/LC_MESSAGES/django.po +++ b/locale/fr/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2020-04-25 15:52+0200\n" +"POT-Creation-Date: 2020-04-25 19:12+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -878,6 +878,33 @@ msgstr "" msgid "role permissions" msgstr "Permissions par rôles" +#: apps/permission/signals.py:62 +#, python-brace-format +msgid "" +"You don't have the permission to change the field {field} on this instance " +"of model {app_label}.{model_name}." +msgstr "" +"Vous n'avez pas la permission de modifier le champ {field} sur l'instance du " +"modèle {app_label}.{model_name}." + +#: apps/permission/signals.py:72 +#, python-brace-format +msgid "" +"You don't have the permission to add this instance of model {app_label}." +"{model_name}." +msgstr "" +"Vous n'avez pas la permission d'ajouter cette instance du modèle {app_label}." +"{model_name}." + +#: apps/permission/signals.py:100 +#, python-brace-format +msgid "" +"You don't have the permission to delete this instance of model {app_label}." +"{model_name}." +msgstr "" +"Vous n'avez pas la permission de supprimer cette instance du modèle " +"{app_label}.{model_name}." + #: apps/registration/apps.py:10 msgid "registration" msgstr "inscription" @@ -1387,6 +1414,10 @@ msgstr "Inscrire un 2A+" msgid "You already opened an account in the Société générale." msgstr "Vous avez déjà ouvert un compte auprès de la société générale." +#: apps/wei/views.py:664 +msgid "You don't have the right to delete this WEI registration." +msgstr "Vous n'avez pas la permission de supprimer cette inscription au WEI." + #: apps/wei/views.py:763 msgid "This user didn't give her/his caution check." msgstr "Cet utilisateur n'a pas donné son chèque de caution." @@ -1409,6 +1440,59 @@ msgstr "Anglais" msgid "French" msgstr "Français" +#: templates/400.html:6 +msgid "Bad request" +msgstr "Requête invalide" + +#: templates/400.html:7 +msgid "" +"Sorry, your request was bad. Don't know what could be wrong. An email has " +"been sent to webmasters with the details of the error. You can now drink a " +"coke." +msgstr "" +"Désolé, votre requête est invalide. Aucune idée de ce qui a pu se produire. " +"Un e-mail a été envoyé aux responsables de la plateforme avec les détails de " +"cette erreur. Vous pouvez désormais allez boire un coca." + +#: templates/403.html:6 +msgid "Permission denied" +msgstr "Accès refusé" + +#: templates/403.html:7 +msgid "You don't have the right to perform this request." +msgstr "Vous n'avez pas la permission d'exécuter cette requête." + +#: templates/403.html:10 templates/404.html:10 +msgid "Exception message:" +msgstr "Message d'erreur :" + +#: templates/404.html:6 +msgid "Page not found" +msgstr "Page inexistante" + +#: templates/404.html:7 +#, python-format +msgid "" +"The requested path %(request_path)s was not found on the server." +msgstr "" +"The chemin demandé %(request_path)s n'a pas été trouvé sur le " +"serveur." + +#: templates/500.html:6 +msgid "Server error" +msgstr "Erreur du serveur" + +#: templates/500.html:7 +msgid "" +"Sorry, an error occurred when processing your request. An email has been " +"sent to webmasters with the detail of the error, and this will be fixed " +"soon. You can now drink a beer." +msgstr "" +"Désolé, une erreur est survenue lors de l'analyse de votre requête. Un email " +"a été envoyé aux responsables de la plateforme avec les détails de cette " +"erreur, qui sera corrigée rapidement. Vous pouvez désormais aller boire une " +"bière." + #: templates/activity/activity_detail.html:29 msgid "creater" msgstr "Créateur" diff --git a/note_kfet/settings/development.py b/note_kfet/settings/development.py index 66ad4fd4..0a0c21e1 100644 --- a/note_kfet/settings/development.py +++ b/note_kfet/settings/development.py @@ -62,10 +62,6 @@ CSRF_COOKIE_HTTPONLY = False X_FRAME_OPTIONS = 'DENY' SESSION_COOKIE_AGE = 60 * 60 * 3 -# CAS Client settings -# Can be modified in secrets.py -CAS_SERVER_URL = "http://localhost:8000/cas/" - STATIC_ROOT = '' # not needed in development settings STATICFILES_DIRS = [ os.path.join(BASE_DIR, 'static')] diff --git a/note_kfet/settings/production.py b/note_kfet/settings/production.py index 5be8a3b8..7b8d37ef 100644 --- a/note_kfet/settings/production.py +++ b/note_kfet/settings/production.py @@ -51,6 +51,3 @@ CSRF_COOKIE_SECURE = False CSRF_COOKIE_HTTPONLY = False X_FRAME_OPTIONS = 'DENY' SESSION_COOKIE_AGE = 60 * 60 * 3 - -# CAS Client settings -CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL", "note.example.com") + "/cas/" diff --git a/note_kfet/urls.py b/note_kfet/urls.py index 4311c0b5..2cd7d6c6 100644 --- a/note_kfet/urls.py +++ b/note_kfet/urls.py @@ -5,6 +5,7 @@ from django.conf import settings from django.conf.urls.static import static from django.contrib import admin from django.urls import path, include +from django.views.defaults import bad_request, permission_denied, page_not_found, server_error from django.views.generic import RedirectView from member.views import CustomLoginView @@ -45,3 +46,11 @@ if "debug_toolbar" in settings.INSTALLED_APPS: urlpatterns = [ path('__debug__/', include(debug_toolbar.urls)), ] + urlpatterns + + +handler400 = bad_request +handler403 = permission_denied + +# Only displayed in production, when debug mode is set to False +handler404 = page_not_found +handler500 = server_error diff --git a/templates/400.html b/templates/400.html new file mode 100644 index 00000000..35606525 --- /dev/null +++ b/templates/400.html @@ -0,0 +1,8 @@ +{% extends "base.html" %} + +{% load i18n %} + +{% block content %} +

{% trans "Bad request" %}

+ {% blocktrans %}Sorry, your request was bad. Don't know what could be wrong. An email has been sent to webmasters with the details of the error. You can now drink a coke.{% endblocktrans %} +{% endblock %} \ No newline at end of file diff --git a/templates/403.html b/templates/403.html new file mode 100644 index 00000000..317865f2 --- /dev/null +++ b/templates/403.html @@ -0,0 +1,13 @@ +{% extends "base.html" %} + +{% load i18n %} + +{% block content %} +

{% trans "Permission denied" %}

+ {% blocktrans %}You don't have the right to perform this request.{% endblocktrans %} + {% if exception %} +
+ {% trans "Exception message:" %} {{ exception }} +
+ {% endif %} +{% endblock %} \ No newline at end of file diff --git a/templates/404.html b/templates/404.html new file mode 100644 index 00000000..8477f914 --- /dev/null +++ b/templates/404.html @@ -0,0 +1,13 @@ +{% extends "base.html" %} + +{% load i18n %} + +{% block content %} +

{% trans "Page not found" %}

+ {% blocktrans %}The requested path {{ request_path }} was not found on the server.{% endblocktrans %} + {% if exception != "Resolver404" %} +
+ {% trans "Exception message:" %} {{ exception }} +
+ {% endif %} +{% endblock %} \ No newline at end of file diff --git a/templates/500.html b/templates/500.html new file mode 100644 index 00000000..50b62bc2 --- /dev/null +++ b/templates/500.html @@ -0,0 +1,8 @@ +{% extends "base.html" %} + +{% load i18n %} + +{% block content %} +

{% trans "Server error" %}

+ {% blocktrans %}Sorry, an error occurred when processing your request. An email has been sent to webmasters with the detail of the error, and this will be fixed soon. You can now drink a beer.{% endblocktrans %} +{% endblock %} \ No newline at end of file diff --git a/templates/scripts/mail-error500.html b/templates/scripts/mail-error500.html new file mode 100644 index 00000000..f4bb796f --- /dev/null +++ b/templates/scripts/mail-error500.html @@ -0,0 +1,2 @@ +{# The data is already sent as HTML, so we return only the HTML data. Devs don't need a pretty mail... #} +{{ error }} \ No newline at end of file diff --git a/templates/scripts/mail-error500.txt b/templates/scripts/mail-error500.txt new file mode 100644 index 00000000..b7aabd39 --- /dev/null +++ b/templates/scripts/mail-error500.txt @@ -0,0 +1,7 @@ +Une erreur est survenue dans la Note Kfet. Les détails sont ci-dessous. + +Cordialement, + +L'équipe de la Note Kfet. + +{{ error }} \ No newline at end of file