x/tuskar-ui
Code Issues Proposed changes
tuskar-ui/horizon/middleware.py
John Postlethwait c1b05e9bd8 User needs to log in messages. 
When a user tries to access a page and they are
not logged in, the message needs to be about
authentication, NOT authorization as it was before
this change. Needing to log in has nothing to do
with permissions and the messaging needs to
reflect that.

Fixes Bug #965810

Change-Id: Ic9de135d4d3d8e7b19524cd100a3fe7ea027e1f4
2012-03-26 18:02:22 -07:00

96 lines
3.5 KiB
Python
Raw Blame History

# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2012 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Copyright 2012 Nebula, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""
Middleware provided and used by Horizon.
"""
import logging
from django import http
from django import shortcuts
from django.core.urlresolvers import reverse
from django.contrib import messages
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.utils.encoding import iri_to_uri
from horizon import exceptions
from horizon import users
LOG = logging.getLogger(__name__)
class HorizonMiddleware(object):
""" The main Horizon middleware class. Required for use of Horizon. """
def process_request(self, request):
""" Adds data necessary for Horizon to function to the request.
Adds the current "active" :class:`~horizon.Dashboard` and
:class:`~horizon.Panel` to ``request.horizon``.
Adds a :class:`~horizon.users.User` object to ``request.user``.
"""
request.__class__.user = users.LazyUser()
request.horizon = {'dashboard': None, 'panel': None}
def process_exception(self, request, exception):
"""
Catches internal Horizon exception classes such as NotAuthorized,
NotFound and Http302 and handles them gracefully.
"""
if isinstance(exception,
(exceptions.NotAuthorized, exceptions.NotAuthenticated)):
auth_url = reverse("horizon:auth_login")
next_url = iri_to_uri(request.get_full_path())
if next_url != auth_url:
param = "?%s=%s" % (REDIRECT_FIELD_NAME, next_url)
redirect_to = "".join((auth_url, param))
else:
redirect_to = auth_url
messages.error(request, unicode(exception))
if request.is_ajax():
response_401 = http.HttpResponse(status=401)
response_401['X-Horizon-Location'] = redirect_to
return response_401
return shortcuts.redirect(redirect_to)
# If an internal "NotFound" error gets this far, return a real 404.
if isinstance(exception, exceptions.NotFound):
raise http.Http404(exception)
if isinstance(exception, exceptions.Http302):
if exception.message:
messages.error(request, exception.message)
return shortcuts.redirect(exception.location)
def process_response(self, request, response):
"""
Convert HttpResponseRedirect to HttpResponse if request is via ajax
to allow ajax request to redirect url
"""
if request.is_ajax():
if type(response) == http.HttpResponseRedirect:
redirect_response = http.HttpResponse()
redirect_response['X-Horizon-Location'] = response['location']
return redirect_response
return response
View Git Blame Copy Permalink