[Branch,~linaro-validation/lava-dashboard/trunk] Rev 359: improve user experience for logged in/out access

Message ID	20121115170911.7746.54360.launchpad@ackee.canonical.com
State	Accepted
Headers	show Return-Path: <patch+caf_=linaro-patchwork=canonical.com@linaro.org> Received-SPF: pass (google.com: best guess record for domain of bounces@canonical.com designates 91.189.90.7 as permitted sender) client-ip=91.189.90.7; Content-Type: multipart/mixed; boundary="===============2867565290826065256==" MIME-Version: 1.0 To: Linaro Patch Tracker <patches@linaro.org> From: noreply@launchpad.net Subject: [Branch ~linaro-validation/lava-dashboard/trunk] Rev 359: improve user experience for logged in/out access Message-Id: <20121115170911.7746.54360.launchpad@ackee.canonical.com> Date: Thu, 15 Nov 2012 17:09:11 -0000 Reply-To: noreply@launchpad.net Sender: bounces@canonical.com Errors-To: bounces@canonical.com Precedence: bulk

=== modified file 'dashboard_app/views/__init__.py' --- dashboard_app/views/__init__.py 2012-11-08 23:10:05 +0000 +++ dashboard_app/views/__init__.py 2012-11-15 17:08:40 +0000 @@ -25,6 +25,7 @@ from django.contrib.auth.decorators import login_required from django.contrib.sites.models import Site +from django.core.exceptions import PermissionDenied from django.core.urlresolvers import reverse from django.db.models.manager import Manager from django.db.models.query import QuerySet @@ -71,25 +72,26 @@ return manager.all() -def get_restricted_object_or_404(klass, via, user, *args, **kwargs): +def get_restricted_object(klass, via, user, *args, **kwargs): """ Uses get() to return an object, or raises a Http404 exception if the object does not exist. If the object exists access control check is made using the via callback (via is called with the found object and the return - value must be a RestrictedResource subclass. + value must be a RestrictedResource subclass. If the user doesn't have + permission to view the resource a 403 error will be displayed. klass may be a Model, Manager, or QuerySet object. All other passed arguments and keyword arguments are used in the get() query. - Note: Like with get(), an MultipleObjectsReturned will be raised if more than one - object is found. + Note: Like with get(), an MultipleObjectsReturned will be raised if more + than one object is found. """ queryset = _get_queryset(klass) try: obj = queryset.get(*args, **kwargs) ownership_holder = via(obj) if not ownership_holder.is_accessible_by(user): - raise queryset.model.DoesNotExist() + raise PermissionDenied() return obj except queryset.model.DoesNotExist: raise Http404('No %s matches the given query.' % queryset.model._meta.object_name) @@ -194,7 +196,7 @@ def bundle_list_table_json(request, pathname): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -211,7 +213,7 @@ """ List of bundles in a specified bundle stream. """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -241,7 +243,7 @@ """ Detail about a bundle from a particular stream """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -265,7 +267,7 @@ def bundle_json(request, pathname, content_sha1): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -301,7 +303,7 @@ def ajax_bundle_viewer(request, pk): - bundle = get_restricted_object_or_404( + bundle = get_restricted_object( Bundle, lambda bundle: bundle.bundle_stream, request.user, @@ -364,7 +366,7 @@ def test_run_list_json(request, pathname): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -381,7 +383,7 @@ """ List of test runs in a specified bundle stream. """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -432,7 +434,7 @@ def test_run_detail_test_json(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, analyzer_assigned_uuid=analyzer_assigned_uuid @@ -445,7 +447,7 @@ parent=bundle_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_detail(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -475,7 +477,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_software_context(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -497,7 +499,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_hardware_context(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -519,7 +521,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid', 'relative_index']) def test_result_detail(request, pathname, content_sha1, analyzer_assigned_uuid, relative_index): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -543,7 +545,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def attachment_list(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -593,7 +595,7 @@ parent=attachment_list, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid', 'pk']) def attachment_detail(request, pathname, content_sha1, analyzer_assigned_uuid, pk): - attachment = get_restricted_object_or_404( + attachment = get_restricted_object( Attachment, lambda attachment: attachment.bundle.bundle_stream, request.user, @@ -638,7 +640,7 @@ def ajax_attachment_viewer(request, pk): - attachment = get_restricted_object_or_404( + attachment = get_restricted_object( Attachment, lambda attachment: attachment.bundle.bundle_stream, request.user, @@ -750,7 +752,7 @@ def redirect_to_test_run(request, analyzer_assigned_uuid, trailing=''): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -760,7 +762,7 @@ def redirect_to_test_result(request, analyzer_assigned_uuid, relative_index, trailing=''): - test_result = get_restricted_object_or_404( + test_result = get_restricted_object( TestResult, lambda test_result: test_result.test_run.bundle.bundle_stream, request.user, @@ -770,7 +772,7 @@ def redirect_to_bundle(request, content_sha1, trailing=''): - bundle = get_restricted_object_or_404( + bundle = get_restricted_object( Bundle, lambda bundle: bundle.bundle_stream, request.user, === modified file 'doc/changes.rst' --- doc/changes.rst 2012-10-04 23:02:12 +0000 +++ doc/changes.rst 2012-11-15 17:08:40 +0000 @@ -6,6 +6,8 @@ Version 0.24 ============ * Unreleased. +* Improved user experience when not logged in +* Support 1.4 and 1.5 bundle formats .. _version_0_23_1:

[Branch,~linaro-validation/lava-dashboard/trunk] Rev 359: improve user experience for logged in/out access

Commit Message

Patch