diff mbox

[Branch,~linaro-validation/lava-server/trunk] Rev 403: improve user experience for 403 errors

Message ID 20121115165813.4515.70136.launchpad@ackee.canonical.com
State Accepted
Headers show

Commit Message

Andy Doan Nov. 15, 2012, 4:58 p.m. UTC 
Merge authors:
  Andy Doan (doanac)
Related merge proposals:
  https://code.launchpad.net/~doanac/lava-server/403-improvements/+merge/133766
  proposed by: Andy Doan (doanac)
------------------------------------------------------------
revno: 403 [merge]
committer: Andy Doan <andy.doan@linaro.org>
branch nick: lava-server
timestamp: Thu 2012-11-15 10:57:24 -0600
message:
  improve user experience for 403 errors
modified:
  doc/changes.rst
  lava_server/templates/403.html
  lava_server/templates/layouts/content.html
  lava_server/urls.py
  lava_server/views.py


--
lp:lava-server
https://code.launchpad.net/~linaro-validation/lava-server/trunk

You are subscribed to branch lp:lava-server.
To unsubscribe from this branch go to https://code.launchpad.net/~linaro-validation/lava-server/trunk/+edit-subscription
diff mbox

Patch

=== modified file 'doc/changes.rst'
--- doc/changes.rst	2012-09-24 02:58:45 +0000
+++ doc/changes.rst	2012-11-15 16:57:24 +0000
@@ -6,6 +6,7 @@ 
 Version 0.19
 ============
 * Unreleased.
+* Improve user experience for 403 errors
 
 .. _version_0_18_1:
 
@@ -21,7 +22,7 @@ 
 * Make token page clearer about what the token actually is.
 * Enable devserver if it is available (i.e. if an instance is using
   buildout-development.cfg)
-* If a table is queryset backed but not ajax enabled, render all the 
+* If a table is queryset backed but not ajax enabled, render all the
   data.
 * Load font css over https.
 

=== modified file 'lava_server/templates/403.html'
--- lava_server/templates/403.html	2011-07-08 02:56:22 +0000
+++ lava_server/templates/403.html	2012-11-09 22:40:16 +0000
@@ -3,7 +3,15 @@ 
 
 {% block title %} | HTTP 403 {% endblock %}
 
-
 {% block content %}
 <h1>403 Forbidden</h1>
+
+{% if user.is_authenticated %}
+You do not have permission to view this resource.
+{% else %}
+<p>The requested resource is only for authorized users. You don't appear to be
+logged into the system. Please log in to view this.
+</p>
+{% endif %}
+
 {% endblock %}

=== modified file 'lava_server/templates/layouts/content.html'
--- lava_server/templates/layouts/content.html	2012-06-04 03:32:24 +0000
+++ lava_server/templates/layouts/content.html	2012-11-09 22:40:16 +0000
@@ -70,8 +70,13 @@ 
         {% if user.is_authenticated %}
         <a href="{% url lava.me %}" class="username">{{user.get_full_name|default:user.username}} &#x25BE;</a>
         {% else %}
-        <a href="{% url django.contrib.auth.views.login %}" class="username"
-          >{% trans "Guest" %}</a>
+          {% if request.get_full_path == "/accounts/logout/" %}
+            <a href="{% url django.contrib.auth.views.login %}"
+	      class="username">{% trans "Guest" %}</a>
+	  {% else %}
+            <a href="{% url django.contrib.auth.views.login %}?next={{request.get_full_path}}"
+	      class="username">{% trans "Guest" %}</a>
+          {% endif %}
         {% endif %}
       </div>
       {% if user.is_authenticated %}

=== modified file 'lava_server/urls.py'
--- lava_server/urls.py	2012-02-15 21:53:07 +0000
+++ lava_server/urls.py	2012-11-09 22:40:16 +0000
@@ -27,6 +27,7 @@ 
 from lava_server.views import index, me, version
 
 
+handler403 = 'lava_server.views.permission_error'
 handler500 = 'lava_server.views.server_error'
 
 # Enable admin stuff

=== modified file 'lava_server/views.py'
--- lava_server/views.py	2012-08-05 21:58:27 +0000
+++ lava_server/views.py	2012-11-09 22:40:16 +0000
@@ -86,3 +86,9 @@ 
                     'user':request.user,
                     'request':request,
                 })))
+
+@requires_csrf_token
+def permission_error(request, template_name='403.html'):
+    t = loader.get_template(template_name)
+    context = RequestContext(request)
+    return HttpResponse(t.render(context))