Custom error pages

This commit is contained in:
Yohann D'ANELLO 2020-04-25 19:29:18 +02:00
parent f35246c9e2
commit 957344922b
13 changed files with 228 additions and 13 deletions

View File

@ -2,6 +2,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later # SPDX-License-Identifier: GPL-3.0-or-later
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.utils.translation import gettext_lazy as _
from note_kfet.middlewares import get_current_authenticated_user from note_kfet.middlewares import get_current_authenticated_user
from permission.backends import PermissionBackend from permission.backends import PermissionBackend
@ -57,13 +58,19 @@ def pre_save_object(sender, instance, **kwargs):
if old_value == new_value: if old_value == new_value:
continue continue
if not PermissionBackend.check_perm(user, app_label + ".change_" + model_name + "_" + field_name, instance): if not PermissionBackend.check_perm(user, app_label + ".change_" + model_name + "_" + field_name, instance):
raise PermissionDenied raise PermissionDenied(
_("You don't have the permission to change the field {field} on this instance of model"
" {app_label}.{model_name}.")
.format(field=field_name, app_label=app_label, model_name=model_name, )
)
else: else:
# We check if the user has right to add the object # We check if the user has right to add the object
has_perm = PermissionBackend.check_perm(user, app_label + ".add_" + model_name, instance) has_perm = PermissionBackend.check_perm(user, app_label + ".add_" + model_name, instance)
if not has_perm: if not has_perm:
raise PermissionDenied raise PermissionDenied(
_("You don't have the permission to add this instance of model {app_label}.{model_name}.")
.format(app_label=app_label, model_name=model_name, ))
def pre_delete_object(instance, **kwargs): def pre_delete_object(instance, **kwargs):
@ -88,4 +95,6 @@ def pre_delete_object(instance, **kwargs):
# We check if the user has rights to delete the object # We check if the user has rights to delete the object
if not PermissionBackend.check_perm(user, app_label + ".delete_" + model_name, instance): if not PermissionBackend.check_perm(user, app_label + ".delete_" + model_name, instance):
raise PermissionDenied raise PermissionDenied(
_("You don't have the permission to delete this instance of model {app_label}.{model_name}.")
.format(app_label=app_label, model_name=model_name))

View File

@ -661,7 +661,7 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete
return redirect(reverse_lazy('wei:wei_closed', args=(wei.pk,))) return redirect(reverse_lazy('wei:wei_closed', args=(wei.pk,)))
if not PermissionBackend.check_perm(self.request.user, "wei.delete_weiregistration", object): if not PermissionBackend.check_perm(self.request.user, "wei.delete_weiregistration", object):
raise PermissionDenied raise PermissionDenied(_("You don't have the right to delete this WEI registration."))
return super().dispatch(request, *args, **kwargs) return super().dispatch(request, *args, **kwargs)

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-04-25 15:52+0200\n" "POT-Creation-Date: 2020-04-25 19:12+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -868,6 +868,27 @@ msgstr ""
msgid "role permissions" msgid "role permissions"
msgstr "" msgstr ""
#: apps/permission/signals.py:62
#, python-brace-format
msgid ""
"You don't have the permission to change the field {field} on this instance "
"of model {app_label}.{model_name}."
msgstr ""
#: apps/permission/signals.py:72
#, python-brace-format
msgid ""
"You don't have the permission to add this instance of model {app_label}."
"{model_name}."
msgstr ""
#: apps/permission/signals.py:100
#, python-brace-format
msgid ""
"You don't have the permission to delete this instance of model {app_label}."
"{model_name}."
msgstr ""
#: apps/registration/apps.py:10 #: apps/registration/apps.py:10
msgid "registration" msgid "registration"
msgstr "" msgstr ""
@ -1353,6 +1374,10 @@ msgstr ""
msgid "You already opened an account in the Société générale." msgid "You already opened an account in the Société générale."
msgstr "" msgstr ""
#: apps/wei/views.py:664
msgid "You don't have the right to delete this WEI registration."
msgstr ""
#: apps/wei/views.py:763 #: apps/wei/views.py:763
msgid "This user didn't give her/his caution check." msgid "This user didn't give her/his caution check."
msgstr "" msgstr ""
@ -1375,6 +1400,50 @@ msgstr ""
msgid "French" msgid "French"
msgstr "" msgstr ""
#: templates/400.html:6
msgid "Bad request"
msgstr ""
#: templates/400.html:7
msgid ""
"Sorry, your request was bad. Don't know what could be wrong. An email has "
"been sent to webmasters with the details of the error. You can now drink a "
"coke."
msgstr ""
#: templates/403.html:6
msgid "Permission denied"
msgstr ""
#: templates/403.html:7
msgid "You don't have the right to perform this request."
msgstr ""
#: templates/403.html:10 templates/404.html:10
msgid "Exception message:"
msgstr ""
#: templates/404.html:6
msgid "Page not found"
msgstr ""
#: templates/404.html:7
#, python-format
msgid ""
"The requested path <code>%(request_path)s</code> was not found on the server."
msgstr ""
#: templates/500.html:6
msgid "Server error"
msgstr ""
#: templates/500.html:7
msgid ""
"Sorry, an error occurred when processing your request. An email has been "
"sent to webmasters with the detail of the error, and this will be fixed "
"soon. You can now drink a beer."
msgstr ""
#: templates/activity/activity_detail.html:29 #: templates/activity/activity_detail.html:29
msgid "creater" msgid "creater"
msgstr "" msgstr ""

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-04-25 15:52+0200\n" "POT-Creation-Date: 2020-04-25 19:12+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -878,6 +878,33 @@ msgstr ""
msgid "role permissions" msgid "role permissions"
msgstr "Permissions par rôles" msgstr "Permissions par rôles"
#: apps/permission/signals.py:62
#, python-brace-format
msgid ""
"You don't have the permission to change the field {field} on this instance "
"of model {app_label}.{model_name}."
msgstr ""
"Vous n'avez pas la permission de modifier le champ {field} sur l'instance du "
"modèle {app_label}.{model_name}."
#: apps/permission/signals.py:72
#, python-brace-format
msgid ""
"You don't have the permission to add this instance of model {app_label}."
"{model_name}."
msgstr ""
"Vous n'avez pas la permission d'ajouter cette instance du modèle {app_label}."
"{model_name}."
#: apps/permission/signals.py:100
#, python-brace-format
msgid ""
"You don't have the permission to delete this instance of model {app_label}."
"{model_name}."
msgstr ""
"Vous n'avez pas la permission de supprimer cette instance du modèle "
"{app_label}.{model_name}."
#: apps/registration/apps.py:10 #: apps/registration/apps.py:10
msgid "registration" msgid "registration"
msgstr "inscription" msgstr "inscription"
@ -1387,6 +1414,10 @@ msgstr "Inscrire un 2A+"
msgid "You already opened an account in the Société générale." msgid "You already opened an account in the Société générale."
msgstr "Vous avez déjà ouvert un compte auprès de la société générale." msgstr "Vous avez déjà ouvert un compte auprès de la société générale."
#: apps/wei/views.py:664
msgid "You don't have the right to delete this WEI registration."
msgstr "Vous n'avez pas la permission de supprimer cette inscription au WEI."
#: apps/wei/views.py:763 #: apps/wei/views.py:763
msgid "This user didn't give her/his caution check." msgid "This user didn't give her/his caution check."
msgstr "Cet utilisateur n'a pas donné son chèque de caution." msgstr "Cet utilisateur n'a pas donné son chèque de caution."
@ -1409,6 +1440,59 @@ msgstr "Anglais"
msgid "French" msgid "French"
msgstr "Français" msgstr "Français"
#: templates/400.html:6
msgid "Bad request"
msgstr "Requête invalide"
#: templates/400.html:7
msgid ""
"Sorry, your request was bad. Don't know what could be wrong. An email has "
"been sent to webmasters with the details of the error. You can now drink a "
"coke."
msgstr ""
"Désolé, votre requête est invalide. Aucune idée de ce qui a pu se produire. "
"Un e-mail a été envoyé aux responsables de la plateforme avec les détails de "
"cette erreur. Vous pouvez désormais allez boire un coca."
#: templates/403.html:6
msgid "Permission denied"
msgstr "Accès refusé"
#: templates/403.html:7
msgid "You don't have the right to perform this request."
msgstr "Vous n'avez pas la permission d'exécuter cette requête."
#: templates/403.html:10 templates/404.html:10
msgid "Exception message:"
msgstr "Message d'erreur :"
#: templates/404.html:6
msgid "Page not found"
msgstr "Page inexistante"
#: templates/404.html:7
#, python-format
msgid ""
"The requested path <code>%(request_path)s</code> was not found on the server."
msgstr ""
"The chemin demandé <code>%(request_path)s</code> n'a pas été trouvé sur le "
"serveur."
#: templates/500.html:6
msgid "Server error"
msgstr "Erreur du serveur"
#: templates/500.html:7
msgid ""
"Sorry, an error occurred when processing your request. An email has been "
"sent to webmasters with the detail of the error, and this will be fixed "
"soon. You can now drink a beer."
msgstr ""
"Désolé, une erreur est survenue lors de l'analyse de votre requête. Un email "
"a été envoyé aux responsables de la plateforme avec les détails de cette "
"erreur, qui sera corrigée rapidement. Vous pouvez désormais aller boire une "
"bière."
#: templates/activity/activity_detail.html:29 #: templates/activity/activity_detail.html:29
msgid "creater" msgid "creater"
msgstr "Créateur" msgstr "Créateur"

View File

@ -62,10 +62,6 @@ CSRF_COOKIE_HTTPONLY = False
X_FRAME_OPTIONS = 'DENY' X_FRAME_OPTIONS = 'DENY'
SESSION_COOKIE_AGE = 60 * 60 * 3 SESSION_COOKIE_AGE = 60 * 60 * 3
# CAS Client settings
# Can be modified in secrets.py
CAS_SERVER_URL = "http://localhost:8000/cas/"
STATIC_ROOT = '' # not needed in development settings STATIC_ROOT = '' # not needed in development settings
STATICFILES_DIRS = [ STATICFILES_DIRS = [
os.path.join(BASE_DIR, 'static')] os.path.join(BASE_DIR, 'static')]

View File

@ -51,6 +51,3 @@ CSRF_COOKIE_SECURE = False
CSRF_COOKIE_HTTPONLY = False CSRF_COOKIE_HTTPONLY = False
X_FRAME_OPTIONS = 'DENY' X_FRAME_OPTIONS = 'DENY'
SESSION_COOKIE_AGE = 60 * 60 * 3 SESSION_COOKIE_AGE = 60 * 60 * 3
# CAS Client settings
CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL", "note.example.com") + "/cas/"

View File

@ -5,6 +5,7 @@ from django.conf import settings
from django.conf.urls.static import static from django.conf.urls.static import static
from django.contrib import admin from django.contrib import admin
from django.urls import path, include from django.urls import path, include
from django.views.defaults import bad_request, permission_denied, page_not_found, server_error
from django.views.generic import RedirectView from django.views.generic import RedirectView
from member.views import CustomLoginView from member.views import CustomLoginView
@ -45,3 +46,11 @@ if "debug_toolbar" in settings.INSTALLED_APPS:
urlpatterns = [ urlpatterns = [
path('__debug__/', include(debug_toolbar.urls)), path('__debug__/', include(debug_toolbar.urls)),
] + urlpatterns ] + urlpatterns
handler400 = bad_request
handler403 = permission_denied
# Only displayed in production, when debug mode is set to False
handler404 = page_not_found
handler500 = server_error

8
templates/400.html Normal file
View File

@ -0,0 +1,8 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Bad request" %}</h1>
{% blocktrans %}Sorry, your request was bad. Don't know what could be wrong. An email has been sent to webmasters with the details of the error. You can now drink a coke.{% endblocktrans %}
{% endblock %}

13
templates/403.html Normal file
View File

@ -0,0 +1,13 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Permission denied" %}</h1>
{% blocktrans %}You don't have the right to perform this request.{% endblocktrans %}
{% if exception %}
<div>
{% trans "Exception message:" %} {{ exception }}
</div>
{% endif %}
{% endblock %}

13
templates/404.html Normal file
View File

@ -0,0 +1,13 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Page not found" %}</h1>
{% blocktrans %}The requested path <code>{{ request_path }}</code> was not found on the server.{% endblocktrans %}
{% if exception != "Resolver404" %}
<div>
{% trans "Exception message:" %} {{ exception }}
</div>
{% endif %}
{% endblock %}

8
templates/500.html Normal file
View File

@ -0,0 +1,8 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Server error" %}</h1>
{% blocktrans %}Sorry, an error occurred when processing your request. An email has been sent to webmasters with the detail of the error, and this will be fixed soon. You can now drink a beer.{% endblocktrans %}
{% endblock %}

View File

@ -0,0 +1,2 @@
{# The data is already sent as HTML, so we return only the HTML data. Devs don't need a pretty mail... #}
{{ error }}

View File

@ -0,0 +1,7 @@
Une erreur est survenue dans la Note Kfet. Les détails sont ci-dessous.
Cordialement,
L'équipe de la Note Kfet.
{{ error }}