Added forbidden view.

This commit is contained in:
Lance Edgar 2013-09-20 20:17:59 -07:00
parent 2bdac13a14
commit 62a0b67502
2 changed files with 26 additions and 3 deletions

View file

@ -47,8 +47,6 @@ def add_routes(config):
def includeme(config):
add_routes(config)
config.add_forbidden_view('edbob.pyramid.views.forbidden')
config.add_view(home, route_name='home',
renderer='/home.mako')

View file

@ -27,7 +27,10 @@ Auth Views
"""
from pyramid.httpexceptions import HTTPFound
from pyramid.security import remember, forget
from pyramid.security import remember, forget, authenticated_userid
from webhelpers.html import literal
from webhelpers.html import tags
import formencode
from pyramid_simpleform import Form
@ -38,6 +41,26 @@ from ..db import Session
from rattail.db.auth import authenticate_user, set_user_password
def forbidden(request):
"""
Access forbidden view.
This is triggered whenever access is not allowed for an otherwise
appropriate view.
"""
msg = literal("You do not have permission to do that.")
if not authenticated_userid(request):
msg += literal("  (Perhaps you should %s?)" %
tags.link_to("log in", request.route_url('login')))
request.session.flash(msg, allow_duplicate=False)
url = request.referer
if not url or url == request.current_route_url():
url = request.route_url('home')
return HTTPFound(location=url)
class UserLogin(formencode.Schema):
allow_extra_fields = True
filter_extra_fields = True
@ -143,6 +166,8 @@ def add_routes(config):
def includeme(config):
add_routes(config)
config.add_forbidden_view(forbidden)
config.add_view(login, route_name='login',
renderer='/login.mako')