Python httplib.FORBIDDEN Examples
The following are 30
code examples of httplib.FORBIDDEN().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
httplib
, or try the search function
.
.
Example #1
| Source File: zip_urlfetch_tree.py From cloud-playground with Apache License 2.0 | 6 votes |
|
def __init__(self, namespace, access_key):
if not namespace:
Abort(httplib.FORBIDDEN, 'Missing namespace')
if not access_key:
Abort(httplib.FORBIDDEN, 'Missing access key')
super(ZipUrlFetchTree, self).__init__(namespace, access_key)
self.namespace = namespace
self.access_key = access_key
path_info = '{}/zip'.format(common.CONTROL_PREFIX)
query_params = '{}={}&use_basepath=false'.format(
common.config.PROJECT_ID_QUERY_PARAM, namespace)
playground_hostname = (settings.PLAYGROUND_USER_CONTENT_HOST or
settings.PLAYGROUND_HOSTS[0])
url = 'https://{}{}?{}'.format(playground_hostname, path_info, query_params)
result = shared.Fetch(access_key, url, method='GET', deadline=30, retries=3)
buf = cStringIO.StringIO(result.content)
self._zipfile = zipfile.ZipFile(buf)
Example #2
| Source File: dev_appserver_multiprocess.py From browserscope with Apache License 2.0 | 6 votes |
|
def HandleRequest(self, request):
"""Hook that allows the DevProcess a chance to respond to requests.
This hook is invoked just before normal request dispatch occurs in
dev_appserver.py.
Args:
request: The request to be handled.
Returns:
bool: Indicates whether the request was handled here. If False, normal
request handling should proceed.
"""
if self.IsBackendInstance() and not self.started:
if request.path != '/_ah/start':
request.send_response(httplib.FORBIDDEN,
'Waiting for start request to finish.')
return True
return False
Example #3
| Source File: api.py From cascade-server with Apache License 2.0 | 6 votes |
|
def create_user():
if not settings.load()['config'].get('allow_account_creation', False):
return JSONResponse(status=httplib.FORBIDDEN)
""" This API route is used by the create new account template to add a new user into Mongo """
if isinstance(request.json, dict):
args = request.json
if args.get('username') and args.get('password'):
try:
user = users.create_user(args['username'], args['password'], args.get('email'), args.get('full_name'))
except users.PasswordPolicyError as error:
regex, rules = error.args
return JSONResponse({'violation': {'regex': regex, 'rules': rules}}, httplib.BAD_REQUEST)
if user is not None:
response = Response(status=httplib.CREATED)
response.set_cookie('user-token', user.generate_token(), max_age=datetime.timedelta(days=7))
return response
else:
return JSONResponse({'message': 'Username already exists!'}, status=httplib.BAD_REQUEST)
return JSONResponse({'message': 'Username, email and password are required'}, status=httplib.BAD_REQUEST)
Example #4
| Source File: exemptions.py From upvote with Apache License 2.0 | 6 votes |
|
def get(self, host_id):
logging.info('Retrieving Exemption for host %s', host_id)
# This request should only be available to admins or users who have (at
# least at one time) had control of the host.
if not (self.user.is_admin or
model_utils.IsHostAssociatedWithUser(self.host, self.user)):
logging.warning(
'User %s is not authorized to access Exemption for host %s',
self.user.nickname, host_id)
self.abort(
httplib.FORBIDDEN,
explanation='Host not associated with user %s' % self.user.nickname)
if self.exm is None:
self.abort(httplib.NOT_FOUND, explanation='Exemption not found')
self.respond_json(self.exm)
Example #5
| Source File: events_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUser_GetOthersEvent(self):
with self.LoggedInUser(user=self.user_1):
self.testapp.get(
self.ROUTE % self.santa_blockable1.key.id(),
params={'asUser': self.user_2.nickname},
status=httplib.FORBIDDEN)
Example #6
| Source File: blockables_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetFlaggedBlockables(self):
"""Normal user getting a list of flagged blockables."""
params = {'filter': 'flagged'}
with self.LoggedInUser():
self.testapp.get('/blockables/all/all', params, status=httplib.FORBIDDEN)
Example #7
| Source File: rules_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetListNoPermissions(self):
"""Normal user attempts to retrieve all rules."""
with self.LoggedInUser():
self.testapp.get(self.QUERY_ROUTE, status=httplib.FORBIDDEN)
Example #8
| Source File: rules_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetQueryNoPermissions(self):
"""Normal user queries a rule."""
params = {
'search': self.blockable1.key.id(),
'searchBase': 'targetId'}
with self.LoggedInUser():
self.testapp.get(self.QUERY_ROUTE, params, status=httplib.FORBIDDEN)
Example #9
| Source File: blockables_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetBlockableList(self):
"""Normal user getting a list of all blockables."""
with self.LoggedInUser():
self.testapp.get('/blockables/all/all', status=httplib.FORBIDDEN)
Example #10
| Source File: hosts_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testGetByUserId_NotAuthorized(self):
other_user_id = test_utils.CreateUser().key.id()
with self.LoggedInUser():
self.testapp.get(
self.USER_ID_ROUTE % other_user_id, status=httplib.FORBIDDEN)
Example #11
| Source File: events_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetListAllEvents(self):
"""Normal user attempting to get all events."""
params = {'asAdmin': 'true'}
with self.LoggedInUser(user=self.user_1):
self.testapp.get(self.ROUTE, params, status=httplib.FORBIDDEN)
Example #12
| Source File: events_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetOthersEvent(self):
"""Getting another user's event by id without permission."""
with self.LoggedInUser(user=self.user_1):
self.testapp.get(
self.ROUTE % self.santa_event1_from_user2.key.urlsafe(),
status=httplib.FORBIDDEN)
Example #13
| Source File: votes_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_User_AsRole_NotAuthorized(self):
params = {'wasYesVote': 'true', 'asRole': constants.USER_ROLE.TRUSTED_USER}
with self.LoggedInUser(email_addr=self.user_2.email):
self.testapp.post(
self.ROUTE % self.santa_blockable.key.id(), params,
status=httplib.FORBIDDEN)
Example #14
| Source File: exemptions.py From upvote with Apache License 2.0 | 5 votes |
|
def post(self, host_id):
if not self.exm:
self.abort(httplib.NOT_FOUND, explanation='Exemption not found')
# Humans should never trigger the transition from PENDING to DENIED, only
# api.Process() should.
if self.exm.key.get().state == constants.EXEMPTION_STATE.PENDING:
self.abort(httplib.FORBIDDEN, explanation='Cannot deny a pending request')
justification = self.request.get('justification')
if not justification:
self.abort(
httplib.BAD_REQUEST,
explanation='No justification for denial provided')
try:
exemption_api.Deny(self.exm.key, details=[justification])
except Exception: # pylint: disable=broad-except
logging.exception(
'Error encountered while denying Exemption for host %s', host_id)
self.abort(
httplib.INTERNAL_SERVER_ERROR,
explanation='Error while denying exemption')
self.respond_json(self.exm.key.get())
Example #15
| Source File: exemptions.py From upvote with Apache License 2.0 | 5 votes |
|
def post(self, host_id):
if not self.exm:
self.abort(httplib.NOT_FOUND, explanation='Exemption not found')
# Verify that the current user is associated with the Host.
# NOTE: Admins don't get a pass here, they can (and should) use the
# above 'revoke' handler instead.
if not model_utils.IsHostAssociatedWithUser(self.host, self.user):
logging.error(
'Host %s not associated with user %s', host_id, self.user.nickname)
self.abort(
httplib.FORBIDDEN,
explanation='Host not associated with requesting user')
try:
exemption_api.Cancel(self.exm.key)
except Exception: # pylint: disable=broad-except
logging.exception(
'Error encountered while cancelling Exemption for host %s', host_id)
self.abort(
httplib.INTERNAL_SERVER_ERROR,
explanation='Failed to cancel exemption')
self._RespondWithExemptionAndTransitiveState(self.exm.key)
# The Webapp2 routes defined for these handlers.
Example #16
| Source File: hosts_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testGet_UnknownUser(self):
user = test_utils.CreateUser()
host = test_utils.CreateSantaHost(primary_user=user.nickname)
with self.LoggedInUser() as other_user:
self.assertFalse(model_utils.IsHostAssociatedWithUser(host, other_user))
self.testapp.get(self.ROUTE % host.key.id(), status=httplib.FORBIDDEN)
Example #17
| Source File: exemptions.py From upvote with Apache License 2.0 | 5 votes |
|
def post(self, host_id):
if not self.exm:
self.abort(httplib.NOT_FOUND, explanation='Exemption not found')
# Humans should never trigger the transition from PENDING to APPROVED, only
# api.Process() should.
if self.exm.key.get().state == constants.EXEMPTION_STATE.PENDING:
self.abort(
httplib.FORBIDDEN, explanation='Cannot approve a pending request')
# Extract and validate POST data fields.
justification = self.request.get('justification')
if not justification:
self.abort(
httplib.BAD_REQUEST,
explanation='No justification for approval provided')
try:
exemption_api.Approve(self.exm.key, details=[justification])
except Exception: # pylint: disable=broad-except
logging.exception(
'Error encountered while approving Exemption for host %s', host_id)
self.abort(
httplib.INTERNAL_SERVER_ERROR,
explanation='Error while approving exemption')
self._RespondWithExemptionAndTransitiveState(self.exm.key)
Example #18
| Source File: emergency_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testForbidden(self):
with self.LoggedInUser():
self.testapp.get('/emergency', status=httplib.FORBIDDEN)
Example #19
| Source File: votes_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_OperationNotAllowedError(self, mock_vote):
with self.LoggedInUser():
self.testapp.post(
self.ROUTE % test_utils.RandomSHA256(),
params={'wasYesVote': 'true'},
status=httplib.FORBIDDEN)
Example #20
| Source File: features_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testGet_UnknownGroup(self):
self.mock_group_manager.DoesGroupExist.return_value = False
with self.LoggedInUser():
self.testapp.get(self.ROUTE % 'valid', status=httplib.FORBIDDEN)
Example #21
| Source File: votes_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetID(self):
"""Normal user attempts to get a vote by ID."""
with self.LoggedInUser(email_addr=self.user_1.email):
self.testapp.get(
self.ROUTE % self.vote_1.key.urlsafe(), status=httplib.FORBIDDEN)
Example #22
| Source File: votes_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetQueryNoPermissions(self):
"""Normal user queries a rule."""
params = {
'search': self.user_1.email,
'searchBase': 'userEmail'}
with self.LoggedInUser(email_addr=self.user_1.email):
self.testapp.get(self.ROUTE, params, status=httplib.FORBIDDEN)
Example #23
| Source File: votes_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testUserGetList_NoPermissions(self):
"""Normal user attempts to retrieve all users."""
with self.LoggedInUser(email_addr=self.user_1.email):
self.testapp.get(self.ROUTE, status=httplib.FORBIDDEN)
Example #24
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_InvalidUser_Admin(self):
with self.LoggedInUser(admin=True):
self.testapp.post(self.ROUTE % self.host_id, status=httplib.FORBIDDEN)
self.assertEqual(
constants.EXEMPTION_STATE.APPROVED, self.exm_key.get().state)
self.assertNoBigQueryInsertions()
Example #25
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden(self):
with self.LoggedInUser():
params = {'justification': 'I want to'}
self.testapp.post(
self.ROUTE % self.host_id, params, status=httplib.FORBIDDEN)
self.assertEqual(
constants.EXEMPTION_STATE.APPROVED, self.exm_key.get().state)
Example #26
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden_Pending(self):
other_host_key = test_utils.CreateSantaHost().key
other_host_id = other_host_key.id()
test_utils.CreateExemption(other_host_id, initial_state=_STATE.PENDING)
with self.LoggedInUser(admin=True):
self.testapp.post(self.ROUTE % other_host_id, status=httplib.FORBIDDEN)
Example #27
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden_NonAdmin(self):
with self.LoggedInUser():
params = {'justification': 'I want to'}
self.testapp.post(
self.ROUTE % self.host_id, params, status=httplib.FORBIDDEN)
self.assertEqual(
constants.EXEMPTION_STATE.ESCALATED, self.exm_key.get().state)
Example #28
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden_Pending(self):
other_host_key = test_utils.CreateSantaHost().key
other_host_id = other_host_key.id()
test_utils.CreateExemption(other_host_id, initial_state=_STATE.PENDING)
with self.LoggedInUser(admin=True):
self.testapp.post(self.ROUTE % other_host_id, status=httplib.FORBIDDEN)
Example #29
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden_NonAdmin(self):
with self.LoggedInUser():
params = {'justification': 'I want to'}
self.testapp.post(
self.ROUTE % self.host_id, params, status=httplib.FORBIDDEN)
self.assertEqual(
constants.EXEMPTION_STATE.ESCALATED, self.exm_key.get().state)
Example #30
| Source File: exemptions_test.py From upvote with Apache License 2.0 | 5 votes |
|
def testPost_Forbidden(self):
user = test_utils.CreateUser()
host = test_utils.CreateSantaHost(primary_user=user.nickname)
with self.LoggedInUser(): # Without arguments, will log in as a new user.
self.testapp.post(self.ROUTE % host.key.id(), status=httplib.FORBIDDEN)
self.mock_process.assert_not_called()
