Custom error pages

This commit is contained in:
Yohann D'ANELLO 2020-04-25 19:29:18 +02:00
parent f35246c9e2
commit 957344922b
13 changed files with 228 additions and 13 deletions

View File

@ -2,6 +2,7 @@
# SPDX-License-Identifier: GPL-3.0-or-later
from django.core.exceptions import PermissionDenied
from django.utils.translation import gettext_lazy as _
from note_kfet.middlewares import get_current_authenticated_user
from permission.backends import PermissionBackend
@ -57,13 +58,19 @@ def pre_save_object(sender, instance, **kwargs):
if old_value == new_value:
continue
if not PermissionBackend.check_perm(user, app_label + ".change_" + model_name + "_" + field_name, instance):
raise PermissionDenied
raise PermissionDenied(
_("You don't have the permission to change the field {field} on this instance of model"
" {app_label}.{model_name}.")
.format(field=field_name, app_label=app_label, model_name=model_name, )
)
else:
# We check if the user has right to add the object
has_perm = PermissionBackend.check_perm(user, app_label + ".add_" + model_name, instance)
if not has_perm:
raise PermissionDenied
raise PermissionDenied(
_("You don't have the permission to add this instance of model {app_label}.{model_name}.")
.format(app_label=app_label, model_name=model_name, ))
def pre_delete_object(instance, **kwargs):
@ -88,4 +95,6 @@ def pre_delete_object(instance, **kwargs):
# We check if the user has rights to delete the object
if not PermissionBackend.check_perm(user, app_label + ".delete_" + model_name, instance):
raise PermissionDenied
raise PermissionDenied(
_("You don't have the permission to delete this instance of model {app_label}.{model_name}.")
.format(app_label=app_label, model_name=model_name))

View File

@ -661,7 +661,7 @@ class WEIDeleteRegistrationView(ProtectQuerysetMixin, LoginRequiredMixin, Delete
return redirect(reverse_lazy('wei:wei_closed', args=(wei.pk,)))
if not PermissionBackend.check_perm(self.request.user, "wei.delete_weiregistration", object):
raise PermissionDenied
raise PermissionDenied(_("You don't have the right to delete this WEI registration."))
return super().dispatch(request, *args, **kwargs)

View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-04-25 15:52+0200\n"
"POT-Creation-Date: 2020-04-25 19:12+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -868,6 +868,27 @@ msgstr ""
msgid "role permissions"
msgstr ""
#: apps/permission/signals.py:62
#, python-brace-format
msgid ""
"You don't have the permission to change the field {field} on this instance "
"of model {app_label}.{model_name}."
msgstr ""
#: apps/permission/signals.py:72
#, python-brace-format
msgid ""
"You don't have the permission to add this instance of model {app_label}."
"{model_name}."
msgstr ""
#: apps/permission/signals.py:100
#, python-brace-format
msgid ""
"You don't have the permission to delete this instance of model {app_label}."
"{model_name}."
msgstr ""
#: apps/registration/apps.py:10
msgid "registration"
msgstr ""
@ -1353,6 +1374,10 @@ msgstr ""
msgid "You already opened an account in the Société générale."
msgstr ""
#: apps/wei/views.py:664
msgid "You don't have the right to delete this WEI registration."
msgstr ""
#: apps/wei/views.py:763
msgid "This user didn't give her/his caution check."
msgstr ""
@ -1375,6 +1400,50 @@ msgstr ""
msgid "French"
msgstr ""
#: templates/400.html:6
msgid "Bad request"
msgstr ""
#: templates/400.html:7
msgid ""
"Sorry, your request was bad. Don't know what could be wrong. An email has "
"been sent to webmasters with the details of the error. You can now drink a "
"coke."
msgstr ""
#: templates/403.html:6
msgid "Permission denied"
msgstr ""
#: templates/403.html:7
msgid "You don't have the right to perform this request."
msgstr ""
#: templates/403.html:10 templates/404.html:10
msgid "Exception message:"
msgstr ""
#: templates/404.html:6
msgid "Page not found"
msgstr ""
#: templates/404.html:7
#, python-format
msgid ""
"The requested path <code>%(request_path)s</code> was not found on the server."
msgstr ""
#: templates/500.html:6
msgid "Server error"
msgstr ""
#: templates/500.html:7
msgid ""
"Sorry, an error occurred when processing your request. An email has been "
"sent to webmasters with the detail of the error, and this will be fixed "
"soon. You can now drink a beer."
msgstr ""
#: templates/activity/activity_detail.html:29
msgid "creater"
msgstr ""

View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-04-25 15:52+0200\n"
"POT-Creation-Date: 2020-04-25 19:12+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -878,6 +878,33 @@ msgstr ""
msgid "role permissions"
msgstr "Permissions par rôles"
#: apps/permission/signals.py:62
#, python-brace-format
msgid ""
"You don't have the permission to change the field {field} on this instance "
"of model {app_label}.{model_name}."
msgstr ""
"Vous n'avez pas la permission de modifier le champ {field} sur l'instance du "
"modèle {app_label}.{model_name}."
#: apps/permission/signals.py:72
#, python-brace-format
msgid ""
"You don't have the permission to add this instance of model {app_label}."
"{model_name}."
msgstr ""
"Vous n'avez pas la permission d'ajouter cette instance du modèle {app_label}."
"{model_name}."
#: apps/permission/signals.py:100
#, python-brace-format
msgid ""
"You don't have the permission to delete this instance of model {app_label}."
"{model_name}."
msgstr ""
"Vous n'avez pas la permission de supprimer cette instance du modèle "
"{app_label}.{model_name}."
#: apps/registration/apps.py:10
msgid "registration"
msgstr "inscription"
@ -1387,6 +1414,10 @@ msgstr "Inscrire un 2A+"
msgid "You already opened an account in the Société générale."
msgstr "Vous avez déjà ouvert un compte auprès de la société générale."
#: apps/wei/views.py:664
msgid "You don't have the right to delete this WEI registration."
msgstr "Vous n'avez pas la permission de supprimer cette inscription au WEI."
#: apps/wei/views.py:763
msgid "This user didn't give her/his caution check."
msgstr "Cet utilisateur n'a pas donné son chèque de caution."
@ -1409,6 +1440,59 @@ msgstr "Anglais"
msgid "French"
msgstr "Français"
#: templates/400.html:6
msgid "Bad request"
msgstr "Requête invalide"
#: templates/400.html:7
msgid ""
"Sorry, your request was bad. Don't know what could be wrong. An email has "
"been sent to webmasters with the details of the error. You can now drink a "
"coke."
msgstr ""
"Désolé, votre requête est invalide. Aucune idée de ce qui a pu se produire. "
"Un e-mail a été envoyé aux responsables de la plateforme avec les détails de "
"cette erreur. Vous pouvez désormais allez boire un coca."
#: templates/403.html:6
msgid "Permission denied"
msgstr "Accès refusé"
#: templates/403.html:7
msgid "You don't have the right to perform this request."
msgstr "Vous n'avez pas la permission d'exécuter cette requête."
#: templates/403.html:10 templates/404.html:10
msgid "Exception message:"
msgstr "Message d'erreur :"
#: templates/404.html:6
msgid "Page not found"
msgstr "Page inexistante"
#: templates/404.html:7
#, python-format
msgid ""
"The requested path <code>%(request_path)s</code> was not found on the server."
msgstr ""
"The chemin demandé <code>%(request_path)s</code> n'a pas été trouvé sur le "
"serveur."
#: templates/500.html:6
msgid "Server error"
msgstr "Erreur du serveur"
#: templates/500.html:7
msgid ""
"Sorry, an error occurred when processing your request. An email has been "
"sent to webmasters with the detail of the error, and this will be fixed "
"soon. You can now drink a beer."
msgstr ""
"Désolé, une erreur est survenue lors de l'analyse de votre requête. Un email "
"a été envoyé aux responsables de la plateforme avec les détails de cette "
"erreur, qui sera corrigée rapidement. Vous pouvez désormais aller boire une "
"bière."
#: templates/activity/activity_detail.html:29
msgid "creater"
msgstr "Créateur"

View File

@ -62,10 +62,6 @@ CSRF_COOKIE_HTTPONLY = False
X_FRAME_OPTIONS = 'DENY'
SESSION_COOKIE_AGE = 60 * 60 * 3
# CAS Client settings
# Can be modified in secrets.py
CAS_SERVER_URL = "http://localhost:8000/cas/"
STATIC_ROOT = '' # not needed in development settings
STATICFILES_DIRS = [
os.path.join(BASE_DIR, 'static')]

View File

@ -51,6 +51,3 @@ CSRF_COOKIE_SECURE = False
CSRF_COOKIE_HTTPONLY = False
X_FRAME_OPTIONS = 'DENY'
SESSION_COOKIE_AGE = 60 * 60 * 3
# CAS Client settings
CAS_SERVER_URL = "https://" + os.getenv("NOTE_URL", "note.example.com") + "/cas/"

View File

@ -5,6 +5,7 @@ from django.conf import settings
from django.conf.urls.static import static
from django.contrib import admin
from django.urls import path, include
from django.views.defaults import bad_request, permission_denied, page_not_found, server_error
from django.views.generic import RedirectView
from member.views import CustomLoginView
@ -45,3 +46,11 @@ if "debug_toolbar" in settings.INSTALLED_APPS:
urlpatterns = [
path('__debug__/', include(debug_toolbar.urls)),
] + urlpatterns
handler400 = bad_request
handler403 = permission_denied
# Only displayed in production, when debug mode is set to False
handler404 = page_not_found
handler500 = server_error

8
templates/400.html Normal file
View File

@ -0,0 +1,8 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Bad request" %}</h1>
{% blocktrans %}Sorry, your request was bad. Don't know what could be wrong. An email has been sent to webmasters with the details of the error. You can now drink a coke.{% endblocktrans %}
{% endblock %}

13
templates/403.html Normal file
View File

@ -0,0 +1,13 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Permission denied" %}</h1>
{% blocktrans %}You don't have the right to perform this request.{% endblocktrans %}
{% if exception %}
<div>
{% trans "Exception message:" %} {{ exception }}
</div>
{% endif %}
{% endblock %}

13
templates/404.html Normal file
View File

@ -0,0 +1,13 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Page not found" %}</h1>
{% blocktrans %}The requested path <code>{{ request_path }}</code> was not found on the server.{% endblocktrans %}
{% if exception != "Resolver404" %}
<div>
{% trans "Exception message:" %} {{ exception }}
</div>
{% endif %}
{% endblock %}

8
templates/500.html Normal file
View File

@ -0,0 +1,8 @@
{% extends "base.html" %}
{% load i18n %}
{% block content %}
<h1>{% trans "Server error" %}</h1>
{% blocktrans %}Sorry, an error occurred when processing your request. An email has been sent to webmasters with the detail of the error, and this will be fixed soon. You can now drink a beer.{% endblocktrans %}
{% endblock %}

View File

@ -0,0 +1,2 @@
{# The data is already sent as HTML, so we return only the HTML data. Devs don't need a pretty mail... #}
{{ error }}

View File

@ -0,0 +1,7 @@
Une erreur est survenue dans la Note Kfet. Les détails sont ci-dessous.
Cordialement,
L'équipe de la Note Kfet.
{{ error }}