From patchwork Thu Nov 15 17:09:11 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andy Doan X-Patchwork-Id: 12874 Return-Path: X-Original-To: patchwork@peony.canonical.com Delivered-To: patchwork@peony.canonical.com Received: from fiordland.canonical.com (fiordland.canonical.com [91.189.94.145]) by peony.canonical.com (Postfix) with ESMTP id 7F2134C177F for ; Thu, 15 Nov 2012 17:09:15 +0000 (UTC) Received: from mail-da0-f52.google.com (mail-da0-f52.google.com [209.85.210.52]) by fiordland.canonical.com (Postfix) with ESMTP id D46DDA182F8 for ; Thu, 15 Nov 2012 17:09:14 +0000 (UTC) Received: by mail-da0-f52.google.com with SMTP id f10so723927dak.11 for ; Thu, 15 Nov 2012 09:09:14 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-forwarded-to:x-forwarded-for:delivered-to:received-spf :content-type:mime-version:x-launchpad-project:x-launchpad-branch :x-launchpad-message-rationale:x-launchpad-branch-revision-number :x-launchpad-notification-type:to:from:subject:message-id:date :reply-to:sender:errors-to:precedence:x-generated-by :x-launchpad-hash:x-gm-message-state; bh=CotlXIZfDniTjQB1KXK2YpSdkV9PEOUtBtE3T1EHwcY=; b=aIWMAEBn21t43Q8a23MuvH6E7LylwrBYaUH9PYmGQExeRKyjNGadZ1xZbieax1NBCV OKNL4ikaJLHMG35XnGauAx5vxPM8g5w15nYX8mOb4j/PBKbrrKUkikdM9e+Mzm130tOG 2I2PoKvwtj2hXL9zn0Y3BtmtGF+SBgkWvcClTuRL/LGExEfL5y+E7zn13uO1gNmekYX/ QKy4fiPEfbl3ymh1IFy/xiw6YfYNiJJ3/HdHw5HobyiDGqC1PbXzxnyuGyozDQNnVyQI jsL5uyPxjjTz2BkynWoVlvCB+qwebFx3FJvA8Vpq+RnTnm9+PjCeiraA+qxZweFlB2Tr LFCA== Received: by 10.68.231.69 with SMTP id te5mr6552183pbc.81.1352999353854; Thu, 15 Nov 2012 09:09:13 -0800 (PST) X-Forwarded-To: linaro-patchwork@canonical.com X-Forwarded-For: patch@linaro.org linaro-patchwork@canonical.com Delivered-To: patches@linaro.org Received: by 10.68.34.137 with SMTP id z9csp105523pbi; Thu, 15 Nov 2012 09:09:13 -0800 (PST) Received: by 10.216.210.16 with SMTP id t16mr830690weo.175.1352999352129; Thu, 15 Nov 2012 09:09:12 -0800 (PST) Received: from indium.canonical.com (indium.canonical.com. [91.189.90.7]) by mx.google.com with ESMTPS id c28si8662304wep.111.2012.11.15.09.09.11 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 15 Nov 2012 09:09:12 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of bounces@canonical.com designates 91.189.90.7 as permitted sender) client-ip=91.189.90.7; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of bounces@canonical.com designates 91.189.90.7 as permitted sender) smtp.mail=bounces@canonical.com Received: from ackee.canonical.com ([91.189.89.26]) by indium.canonical.com with esmtp (Exim 4.71 #1 (Debian)) id 1TZ2wB-0000jT-AP for ; Thu, 15 Nov 2012 17:09:11 +0000 Received: from ackee.canonical.com (localhost [127.0.0.1]) by ackee.canonical.com (Postfix) with ESMTP id 09B44E027B for ; Thu, 15 Nov 2012 17:09:11 +0000 (UTC) MIME-Version: 1.0 X-Launchpad-Project: lava-dashboard X-Launchpad-Branch: ~linaro-validation/lava-dashboard/trunk X-Launchpad-Message-Rationale: Subscriber X-Launchpad-Branch-Revision-Number: 359 X-Launchpad-Notification-Type: branch-revision To: Linaro Patch Tracker From: noreply@launchpad.net Subject: [Branch ~linaro-validation/lava-dashboard/trunk] Rev 359: improve user experience for logged in/out access Message-Id: <20121115170911.7746.54360.launchpad@ackee.canonical.com> Date: Thu, 15 Nov 2012 17:09:11 -0000 Reply-To: noreply@launchpad.net Sender: bounces@canonical.com Errors-To: bounces@canonical.com Precedence: bulk X-Generated-By: Launchpad (canonical.com); Revision="16272"; Instance="launchpad-lazr.conf" X-Launchpad-Hash: f24cbea54f56fb13099fe2ca0684078abce88aa7 X-Gm-Message-State: ALoCoQlmBHBK25RZEw/QfdRV5Nt4YpZwDhmT7cDWABzmJs0Gu4uISeVpx4M1Sn7/RAzXGp+vSKYG Merge authors: Andy Doan (doanac) Related merge proposals: https://code.launchpad.net/~doanac/lava-dashboard/403-improvement/+merge/133851 proposed by: Andy Doan (doanac) ------------------------------------------------------------ revno: 359 [merge] committer: Andy Doan branch nick: lava-dashboard timestamp: Thu 2012-11-15 11:08:40 -0600 message: improve user experience for logged in/out access modified: dashboard_app/views/__init__.py doc/changes.rst --- lp:lava-dashboard https://code.launchpad.net/~linaro-validation/lava-dashboard/trunk You are subscribed to branch lp:lava-dashboard. To unsubscribe from this branch go to https://code.launchpad.net/~linaro-validation/lava-dashboard/trunk/+edit-subscription === modified file 'dashboard_app/views/__init__.py' --- dashboard_app/views/__init__.py 2012-11-08 23:10:05 +0000 +++ dashboard_app/views/__init__.py 2012-11-15 17:08:40 +0000 @@ -25,6 +25,7 @@ from django.contrib.auth.decorators import login_required from django.contrib.sites.models import Site +from django.core.exceptions import PermissionDenied from django.core.urlresolvers import reverse from django.db.models.manager import Manager from django.db.models.query import QuerySet @@ -71,25 +72,26 @@ return manager.all() -def get_restricted_object_or_404(klass, via, user, *args, **kwargs): +def get_restricted_object(klass, via, user, *args, **kwargs): """ Uses get() to return an object, or raises a Http404 exception if the object does not exist. If the object exists access control check is made using the via callback (via is called with the found object and the return - value must be a RestrictedResource subclass. + value must be a RestrictedResource subclass. If the user doesn't have + permission to view the resource a 403 error will be displayed. klass may be a Model, Manager, or QuerySet object. All other passed arguments and keyword arguments are used in the get() query. - Note: Like with get(), an MultipleObjectsReturned will be raised if more than one - object is found. + Note: Like with get(), an MultipleObjectsReturned will be raised if more + than one object is found. """ queryset = _get_queryset(klass) try: obj = queryset.get(*args, **kwargs) ownership_holder = via(obj) if not ownership_holder.is_accessible_by(user): - raise queryset.model.DoesNotExist() + raise PermissionDenied() return obj except queryset.model.DoesNotExist: raise Http404('No %s matches the given query.' % queryset.model._meta.object_name) @@ -194,7 +196,7 @@ def bundle_list_table_json(request, pathname): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -211,7 +213,7 @@ """ List of bundles in a specified bundle stream. """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -241,7 +243,7 @@ """ Detail about a bundle from a particular stream """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -265,7 +267,7 @@ def bundle_json(request, pathname, content_sha1): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -301,7 +303,7 @@ def ajax_bundle_viewer(request, pk): - bundle = get_restricted_object_or_404( + bundle = get_restricted_object( Bundle, lambda bundle: bundle.bundle_stream, request.user, @@ -364,7 +366,7 @@ def test_run_list_json(request, pathname): - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -381,7 +383,7 @@ """ List of test runs in a specified bundle stream. """ - bundle_stream = get_restricted_object_or_404( + bundle_stream = get_restricted_object( BundleStream, lambda bundle_stream: bundle_stream, request.user, @@ -432,7 +434,7 @@ def test_run_detail_test_json(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, analyzer_assigned_uuid=analyzer_assigned_uuid @@ -445,7 +447,7 @@ parent=bundle_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_detail(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -475,7 +477,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_software_context(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -497,7 +499,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def test_run_hardware_context(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -519,7 +521,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid', 'relative_index']) def test_result_detail(request, pathname, content_sha1, analyzer_assigned_uuid, relative_index): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -543,7 +545,7 @@ parent=test_run_detail, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid']) def attachment_list(request, pathname, content_sha1, analyzer_assigned_uuid): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -593,7 +595,7 @@ parent=attachment_list, needs=['pathname', 'content_sha1', 'analyzer_assigned_uuid', 'pk']) def attachment_detail(request, pathname, content_sha1, analyzer_assigned_uuid, pk): - attachment = get_restricted_object_or_404( + attachment = get_restricted_object( Attachment, lambda attachment: attachment.bundle.bundle_stream, request.user, @@ -638,7 +640,7 @@ def ajax_attachment_viewer(request, pk): - attachment = get_restricted_object_or_404( + attachment = get_restricted_object( Attachment, lambda attachment: attachment.bundle.bundle_stream, request.user, @@ -750,7 +752,7 @@ def redirect_to_test_run(request, analyzer_assigned_uuid, trailing=''): - test_run = get_restricted_object_or_404( + test_run = get_restricted_object( TestRun, lambda test_run: test_run.bundle.bundle_stream, request.user, @@ -760,7 +762,7 @@ def redirect_to_test_result(request, analyzer_assigned_uuid, relative_index, trailing=''): - test_result = get_restricted_object_or_404( + test_result = get_restricted_object( TestResult, lambda test_result: test_result.test_run.bundle.bundle_stream, request.user, @@ -770,7 +772,7 @@ def redirect_to_bundle(request, content_sha1, trailing=''): - bundle = get_restricted_object_or_404( + bundle = get_restricted_object( Bundle, lambda bundle: bundle.bundle_stream, request.user, === modified file 'doc/changes.rst' --- doc/changes.rst 2012-10-04 23:02:12 +0000 +++ doc/changes.rst 2012-11-15 17:08:40 +0000 @@ -6,6 +6,8 @@ Version 0.24 ============ * Unreleased. +* Improved user experience when not logged in +* Support 1.4 and 1.5 bundle formats .. _version_0_23_1: