source: TI01-discovery/trunk/OAIInfoEditor/oai_info_editor/lib/security_redirector.py @ 6273

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI01-discovery/trunk/OAIInfoEditor/oai_info_editor/lib/security_redirector.py@6273
Revision 6273, 2.2 KB checked in by sdonegan, 11 years ago (diff)

Phil updated this as doesnt need support for PIPMiddlewareConfigError anymore (conflicts with latest security)

Line 
1#!/usr/bin/env python
2"""
3WSGI Authorization handler - to handle redirection following access failure
4- NB, this is used mainly to redirect from the non-admin to the admin role or
5from the non-system user to the error page
6
7NERC DataGrid Project
8"""
9__author__ = "C Byrom"
10__date__ = "29/06/09"
11__copyright__ = "(C) 2009 Science and Technology Facilities Council"
12__license__ = "BSD - see LICENSE file in top-level directory"
13__contact__ = "Philip.Kershaw@stfc.ac.uk"
14__revision__ = '$Id$'
15import logging
16
17
18import unittest
19import os
20from urlparse import urlunsplit
21
22from os.path import expandvars as xpdVars
23from os.path import join as jnPath
24mkPath = lambda file: jnPath(os.environ['NDGSEC_COMBINED_SRVS_UNITTEST_DIR'], 
25                             file)
26
27import paste.fixture
28from paste.deploy import loadapp
29from ndg.security.server.wsgi import NDGSecurityMiddlewareBase
30from ndg.security.server.wsgi.authz import PEPResultHandlerMiddleware
31from ndg.security.common.authz.msi import Response
32from oai_info_editor.lib.base import *
33from oai_info_editor.controllers.master import ADMIN_PARAMETER
34
35class RedirectFollowingAccessDenied(PEPResultHandlerMiddleware):
36    mountPoint = '/oai-info-editor'
37   
38    @NDGSecurityMiddlewareBase.initCall
39    def __call__(self, environ, start_response):
40       
41        # NB, the admin rights will be passed in the query_string as admin=1
42        # - the only case that access may be denied to admin is when they are
43        # attempting to access the main home page - in this case they need to
44        # be redirected to the home page with the admin flag set on it
45        queryString = environ.get('QUERY_STRING', '')
46        path = environ.get('PATH_INFO', '')
47#        if path == '/home' and '?' + queryString != ADMIN_PARAMETER:
48        if '?' + queryString != ADMIN_PARAMETER:
49            return self.redirect("%s%s%s" %(RedirectFollowingAccessDenied.mountPoint,
50                                            path, ADMIN_PARAMETER))
51        else:
52            response = \
53"""Error: You do not currently have access rights to view this resource.
54\n\n
55Please contact the site administrator, if this needs to be arranged.
56"""
57
58            return self._setErrorResponse(code=403, msg=response)
59       
Note: See TracBrowser for help on using the repository browser.