mirror of
https://github.com/bookwyrm-social/bookwyrm.git
synced 2024-12-23 08:36:32 +00:00
parent
06568aab88
commit
d620bd7350
5 changed files with 35 additions and 0 deletions
16
bookwyrm/templates/403.html
Normal file
16
bookwyrm/templates/403.html
Normal file
|
@ -0,0 +1,16 @@
|
|||
{% extends 'layout.html' %}
|
||||
{% load i18n %}
|
||||
{% load utilities %}
|
||||
|
||||
{% block title %}{% trans "Oh no!" %}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<div class="block">
|
||||
<h1 class="title">{% trans "Permission Denied" %}</h1>
|
||||
{% blocktrans trimmed with level=request.user|get_user_permission %}
|
||||
<p class="content">You do not have permission to view this page. Your user permission level is <code>{{ level }}</code>.</p>
|
||||
<p class="content">If you think you should have access to this page, please speak to your BookWyrm server administrator.</p>
|
||||
{% endblocktrans %}
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
|
@ -125,3 +125,10 @@ def id_to_username(user_id):
|
|||
value = f"{name}@{domain}"
|
||||
|
||||
return value
|
||||
|
||||
|
||||
@register.filter(name="get_user_permission")
|
||||
def get_user_permission(user):
|
||||
"""given a user, return their permission level"""
|
||||
|
||||
return user.groups.first() if user.groups.first() else "User"
|
||||
|
|
|
@ -792,3 +792,6 @@ urlpatterns.extend(staticfiles_urlpatterns())
|
|||
|
||||
# pylint: disable=invalid-name
|
||||
handler500 = "bookwyrm.views.server_error"
|
||||
|
||||
# pylint: disable=invalid-name
|
||||
handler403 = "bookwyrm.views.permission_required"
|
||||
|
|
|
@ -167,3 +167,4 @@ from .annual_summary import (
|
|||
summary_revoke_key,
|
||||
)
|
||||
from .server_error import server_error
|
||||
from .permission_required import permission_required
|
||||
|
|
8
bookwyrm/views/permission_required.py
Normal file
8
bookwyrm/views/permission_required.py
Normal file
|
@ -0,0 +1,8 @@
|
|||
"""custom 403 handler to enable context processors"""
|
||||
from django.template.response import TemplateResponse
|
||||
|
||||
|
||||
def permission_required(request, exception): # pylint: disable=unused-argument
|
||||
"""permission denied page"""
|
||||
|
||||
return TemplateResponse(request, "403.html")
|
Loading…
Reference in a new issue