Python pyramid.httpexceptions.HTTPForbidden() Examples

The following are 8 code examples of pyramid.httpexceptions.HTTPForbidden(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module pyramid.httpexceptions , or try the search function .
Example #1
Source File: viewsTutorial.py    From muesli with GNU General Public License v3.0 6 votes vote down vote up
def unsubscribe(request):
    tutorials = request.context.tutorials
    tutorial = tutorials[0]
    lecture = tutorial.lecture
    ls = request.db.query(models.LectureStudent).get((lecture.id, request.user.id))
    if not ls or ls.tutorial_id != tutorial.id:
        return HTTPForbidden('Sie sind zu dieser Übungsgruppe nicht angemeldet')
    lrs = request.db.query(models.LectureRemovedStudent).get((lecture.id, request.user.id))
    if not lrs:
        lrs = models.LectureRemovedStudent()
        lrs.lecture = lecture
        lrs.student = request.user
    lrs.tutorial = tutorial
    if not lrs in request.db: request.db.add(lrs)
    request.db.delete(ls)
    request.db.commit()
    sendChangesMailUnsubscribe(request, tutorial, request.user)
    request.session.flash('Erfolgreich aus Übungsgruppe ausgetragen', queue='messages')
    return HTTPFound(location=request.route_url('overview')) 
Example #2
Source File: viewsUser.py    From muesli with GNU General Public License v3.0 6 votes vote down vote up
def confirmEmail(request):
    done = False
    aborted = False
    if request.context.confirmation.source != 'user/change_email':
        return HTTPForbidden('This confirmation is not for a email change')
    if request.POST.get('confirm'):
        user = request.context.confirmation.user
        user.email = request.context.confirmation.what
        request.db.delete(request.context.confirmation)
        request.db.commit()
        done = True
    elif request.POST.get('abort'):
        request.db.delete(request.context.confirmation)
        aborted = True
        request.db.commit()
    #       registerCommon(request, form)
    #       return HTTPFound(location=request.route_url('user_wait_for_confirmation'))
    return {'done': done,
            'aborted': aborted,
            'confirmation': request.context.confirmation} 
Example #3
Source File: viewsLecture.py    From muesli with GNU General Public License v3.0 6 votes vote down vote up
def doAllocation(request):
    db = request.db
    lecture = request.context.lecture
    if not lecture.mode == 'prefs':
        return HTTPForbidden('This lecture is not in preferences mode')
    allocation = Allocation(lecture)
    result = allocation.doAllocation()
    prefs = {}
    for student in set(result['students_unhappy']+result['students_without_group']):
        p = [tp for tp in student.time_preferences if tp.lecture_id==lecture.id and tp.penalty < utils.students_unhappiness]
        prefs[student.id] = p
    lecture.mode = 'off'
    db.commit()
    return {'lecture': lecture,
                    'result': result,
                    'prefs': prefs} 
Example #4
Source File: app.py    From pyramid_openapi3 with MIT License 5 votes vote down vote up
def hello(request):
    """Say hello."""
    if request.openapi_validated.parameters["query"]["name"] == "admin":
        raise HTTPForbidden()
    return {"hello": request.openapi_validated.parameters["query"]["name"]} 
Example #5
Source File: renderers.py    From n6 with GNU Affero General Public License v3.0 5 votes vote down vote up
def iter_content(self, **kwargs):
            try:
                yield self.render_content(list(self.data_generator))
            except TooMuchDataError as exc:
                raise HTTPForbidden(exc.public_message) 
Example #6
Source File: error_handlers.py    From channelstream with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
def unauthorized_handler(context, request, renderer="json"):
    if (
        request.matched_route
        and request.matched_route.pattern.startswith("/admin")
        or "api-explorer" in request.url
    ):
        url = request.route_url("admin_action", action="sign_in")
        return HTTPFound(url)
    return HTTPForbidden() 
Example #7
Source File: context.py    From muesli with GNU General Public License v3.0 5 votes vote down vote up
def checkTutorials(tutorials):
    if tutorials:
        lecture_id = tutorials[0].lecture_id
        for tutorial in tutorials:
            if tutorial.lecture_id != lecture_id:
                raise HTTPForbidden('Tutorials belong to different lectures!') 
Example #8
Source File: viewsLecture.py    From muesli with GNU General Public License v3.0 5 votes vote down vote up
def __call__(self):
        lecture = self.db.query(models.Lecture).get(self.lecture_id)
        tutorials = lecture.tutorials
        if self.request.method == 'POST':
            student_email = self.request.POST['student_email']
            new_tutorial  = int(self.request.POST['new_tutorial'])
            try:
                student = self.db.query(models.User).filter(models.User.email==student_email).one()
            except exc.NoResultFound:
                self.request.session.flash('Emailadresse nicht gefunden!', queue='errors')
                return {'lecture': lecture,
                        'tutorials': tutorials
                        }
            tutorial = [t for t in tutorials if t.id == new_tutorial]
            if len(tutorial)!=1:
                raise HTTPForbidden('Tutorial gehoert nicht zu dieser Vorlesung!')
            tutorial = tutorial[0]
            if student in lecture.students.all():
                self.request.session.flash('Der Student ist in diese Vorlesung bereits eingetragen!', queue='errors')
            else:
                lrs = self.request.db.query(models.LectureRemovedStudent).get((lecture.id, student.id))
                if lrs:
                    self.request.db.delete(lrs)
                #ls = request.db.query(models.LectureStudent).get((lecture.id, request.user.id))
                #if ls:
                #       oldtutorial = ls.tutorial
                #else:
                ls = models.LectureStudent()
                ls.lecture = lecture
                ls.student = student
                oldtutorial = None
                ls.tutorial = tutorial
                if not ls in self.request.db: self.request.db.add(ls)
                self.request.db.commit()
                self.request.session.flash('Der Student %s wurde in das Tutorial %s (%s) eingetragen' % (student, tutorial.time.__html__(), tutorial.tutor_name), queue='messages')
        return {'lecture': lecture,
                'tutorials': tutorials
                }