From 6d51b2814ef188635936ffe7eb391a55a4cf44ef Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Thu, 18 Nov 2021 11:23:25 +0100 Subject: [PATCH 1/6] id_for_login before authenticate --- src/cone/app/security.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/cone/app/security.py b/src/cone/app/security.py index 40df6dba..15b4b911 100644 --- a/src/cone/app/security.py +++ b/src/cone/app/security.py @@ -94,8 +94,8 @@ def authenticate(request, login, password): return remember(request, pid) ugm = ugm_backend.ugm try: - if ugm.users.authenticate(login, password): - pid = ugm.users.id_for_login(login) + pid = ugm.users.id_for_login(login) + if ugm.users.authenticate(pid, password): return remember(request, pid) except Exception as e: logger.warning(( From 1940f15e0f9880894fbdb5d28651bfeb74771bb6 Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Thu, 18 Nov 2021 11:23:25 +0100 Subject: [PATCH 2/6] id_for_login before authenticate --- src/cone/app/security.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/cone/app/security.py b/src/cone/app/security.py index 2239d6a7..c458a503 100644 --- a/src/cone/app/security.py +++ b/src/cone/app/security.py @@ -97,8 +97,8 @@ def authenticate(request, login, password): return remember(request, pid) ugm = ugm_backend.ugm try: - if ugm.users.authenticate(login, password): - pid = ugm.users.id_for_login(login) + pid = ugm.users.id_for_login(login) + if ugm.users.authenticate(pid, password): return remember(request, pid) except Exception as e: logger.warning(( From 53cb53ddb39e623a500337ecf4f5307b6ab4d9eb Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Sat, 11 Dec 2021 15:47:20 +0100 Subject: [PATCH 3/6] exception view vor BadRequestError (400) --- src/cone/app/browser/exception.py | 33 +++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/src/cone/app/browser/exception.py b/src/cone/app/browser/exception.py index 8b1c63e8..ed6d09c3 100644 --- a/src/cone/app/browser/exception.py +++ b/src/cone/app/browser/exception.py @@ -3,7 +3,7 @@ from cone.app.browser.utils import format_traceback from cone.tile import Tile from cone.tile import tile -from pyramid.httpexceptions import HTTPForbidden +from pyramid.httpexceptions import HTTPForbidden, HTTPBadRequest from pyramid.httpexceptions import HTTPNotFound from pyramid.response import Response from pyramid.view import view_config @@ -60,7 +60,6 @@ class UnauthorizedTile(Tile): """Unauthorized tile. """ - @view_config(context=HTTPForbidden, accept='text/html') def forbidden_view(request): """Unauthorized view. @@ -105,3 +104,33 @@ def not_found_view(request): def json_not_found_view(request): request.response.status = 404 return {} + +############################################################################### +# BadRequest +############################################################################### + +@tile(name='bad_request', path='templates/bad_request.pt', permission='login') +class BadRequestTile(Tile): + """Unauthorized tile. + """ + + +@view_config(context=HTTPBadRequest, accept='text/html') +def bad_request_view(request): + """Unauthorized view. + """ + model = request.context + if not request.authenticated_userid: + return login_view(model, request) + return render_main_template(model, request, contenttile='bad_request') + + +@view_config( + context=HTTPBadRequest, + accept='application/json', + renderer='json') +def json_bad_request_view(request): + request.response.status = 400 + return {} + + From c21df99c40382a04856ddc729e7afe427a73fa05 Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Wed, 15 Dec 2021 20:06:28 +0100 Subject: [PATCH 4/6] error pages for BadRequest and 401, 403 --- src/cone/app/browser/exception.py | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/src/cone/app/browser/exception.py b/src/cone/app/browser/exception.py index ed6d09c3..04a928f8 100644 --- a/src/cone/app/browser/exception.py +++ b/src/cone/app/browser/exception.py @@ -3,7 +3,7 @@ from cone.app.browser.utils import format_traceback from cone.tile import Tile from cone.tile import tile -from pyramid.httpexceptions import HTTPForbidden, HTTPBadRequest +from pyramid.httpexceptions import HTTPForbidden, HTTPBadRequest, HTTPUnauthorized from pyramid.httpexceptions import HTTPNotFound from pyramid.response import Response from pyramid.view import view_config @@ -24,7 +24,7 @@ """ -@view_config(context=Exception) +@view_config(context=Exception, accept='text/html') def internal_server_error(request): """Internal server error view. """ @@ -50,6 +50,15 @@ def internal_server_error(request): response.content_type = 'application/json' return response +@view_config( + context=Exception, + accept='application/json', + renderer='json') +def json_internal_server_error(request): + request.response.status = 500 + return {} + + ############################################################################### # Unauthorized @@ -60,6 +69,8 @@ class UnauthorizedTile(Tile): """Unauthorized tile. """ + +@view_config(context=HTTPUnauthorized, accept='text/html') @view_config(context=HTTPForbidden, accept='text/html') def forbidden_view(request): """Unauthorized view. @@ -70,6 +81,10 @@ def forbidden_view(request): return render_main_template(model, request, contenttile='unauthorized') +@view_config( + context=HTTPUnauthorized, + accept='application/json', + renderer='json') @view_config( context=HTTPForbidden, accept='application/json', @@ -120,8 +135,6 @@ def bad_request_view(request): """Unauthorized view. """ model = request.context - if not request.authenticated_userid: - return login_view(model, request) return render_main_template(model, request, contenttile='bad_request') From 5cd9254e5679aac216268a2078cb415b566b51b6 Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Thu, 16 Dec 2021 15:35:01 +0100 Subject: [PATCH 5/6] git add --- src/cone/app/browser/exception.py | 3 +++ src/cone/app/browser/templates/bad_request.pt | 13 +++++++++++++ 2 files changed, 16 insertions(+) create mode 100644 src/cone/app/browser/templates/bad_request.pt diff --git a/src/cone/app/browser/exception.py b/src/cone/app/browser/exception.py index 04a928f8..7ab06f17 100644 --- a/src/cone/app/browser/exception.py +++ b/src/cone/app/browser/exception.py @@ -1,3 +1,5 @@ +import traceback + from cone.app.browser import render_main_template from cone.app.browser.login import login_view from cone.app.browser.utils import format_traceback @@ -56,6 +58,7 @@ def internal_server_error(request): renderer='json') def json_internal_server_error(request): request.response.status = 500 + traceback.print_exc() return {} diff --git a/src/cone/app/browser/templates/bad_request.pt b/src/cone/app/browser/templates/bad_request.pt new file mode 100644 index 00000000..2d92868c --- /dev/null +++ b/src/cone/app/browser/templates/bad_request.pt @@ -0,0 +1,13 @@ + + +
+

BadRequest

+

+ You have errors in your request. +

+
+ +
From e63282ea5b2f18e9299e266c1acd35ed81dec844 Mon Sep 17 00:00:00 2001 From: Philipp Auersperg-Castell Date: Sun, 6 Feb 2022 12:26:12 +0100 Subject: [PATCH 6/6] display workflow_state (untranslated) --- src/cone/app/browser/contents.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/cone/app/browser/contents.py b/src/cone/app/browser/contents.py index 7938b650..5badbfd9 100644 --- a/src/cone/app/browser/contents.py +++ b/src/cone/app/browser/contents.py @@ -184,6 +184,7 @@ def row_data(self, node): row_data['creator'] = node.metadata.get('creator', 'unknown') row_data['created'] = node.metadata.get('created') row_data['modified'] = node.metadata.get('modified') + row_data['workflow_state'] = node.metadata.get('workflow_state') return row_data def sorted_rows(self, start, end, sort, order):