admin: Add 405 page for json/... urls

The urls that start with "json/..." are intended only for use with the Datatables API. If a user requests this page from his/her browser, throw a 405 page.

admin: Add 405 page for json/... urls
The urls that start with "json/..." are intended only for use with the Datatables API. If a user requests this page from his/her browser, throw a 405 page.
068d6684 · Alex Pyrgiotis · 174b8e8f · 068d6684 · 068d6684 · 068d6684
Commit 068d6684 authored Aug 30, 2014 by Alex Pyrgiotis
4 changed files
--- a/snf-admin-app/synnefo_admin/admin/exceptions.py
+++ b/snf-admin-app/synnefo_admin/admin/exceptions.py
@@ -13,7 +13,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

-from django.http import Http404
+from django import http
 # Add the exceptions that are defined in actions.py in this file too, so that
 # all exceptions can exist under the same namespace.
 from synnefo_admin.admin.actions import (AdminActionNotPermitted,
@@ -22,8 +22,15 @@ from synnefo_admin.admin.actions import (AdminActionNotPermitted,
                                         AdminActionCannotApply)


-class AdminHttp404(Http404):
+class AdminHttp404(http.Http404):

    """404 Exception solely for admin pages."""

    pass
+
+
+class AdminHttp405(http.Http404):
+
+    """405 Exception solely for admin pages."""
+
+    status = 405
--- a/snf-admin-app/synnefo_admin/admin/middleware/__init__.py
+++ b/snf-admin-app/synnefo_admin/admin/middleware/__init__.py
@@ -16,10 +16,11 @@
 import logging
 from django.template import RequestContext, loader
 from django.http import HttpResponseNotFound
-from synnefo_admin.admin.exceptions import AdminHttp404
+from synnefo_admin.admin.exceptions import AdminHttp404, AdminHttp405
 from synnefo_admin.admin.views import default_dict

 ADMIN_404_TEMPLATE = 'admin/admin_404.html'
+ADMIN_405_TEMPLATE = 'admin/admin_405.html'


 def update_request_context(request, extra_context={}, **kwargs):
@@ -42,11 +43,15 @@ class AdminMiddleware(object):

    def process_exception(self, request, exception):
        """Create a 404 page only for exceptions generated by the admin app."""
-        if not isinstance(exception, AdminHttp404):
+        if isinstance(exception, AdminHttp404):
+            template = ADMIN_404_TEMPLATE
+        elif isinstance(exception, AdminHttp405):
+            template = ADMIN_405_TEMPLATE
+        else:
            return

        c = update_request_context(request, default_dict,
                                   msg=exception.message)
-        t = loader.get_template(ADMIN_404_TEMPLATE)
+        t = loader.get_template(template)
        response = t.render(c)
        return HttpResponseNotFound(response)
--- a/snf-admin-app/synnefo_admin/admin/templates/admin/admin_405.html
+++ b/snf-admin-app/synnefo_admin/admin/templates/admin/admin_405.html
+{% extends "admin/base.html" %}
+
+{% block content %}
+<h1>4 Oh 5!</h1>
+<h3>{{ msg }}</h3>
+{% endblock %}
--- a/snf-admin-app/synnefo_admin/admin/views.py
+++ b/snf-admin-app/synnefo_admin/admin/views.py
@@ -38,7 +38,7 @@ from astakos.im import settings as astakos_settings
 from astakos.admin import stats as astakos_stats
 from synnefo.admin import stats as cyclades_stats

-from synnefo_admin.admin.exceptions import AdminHttp404
+from synnefo_admin.admin.exceptions import AdminHttp404, AdminHttp405
 from synnefo_admin import admin_settings

 from synnefo_admin.admin import actions
@@ -259,6 +259,11 @@ def json_list(request, type):
    """Return a class-based view based on the given type."""
    admin_log(request, type=type)

+    content_types = request.META.get("HTTP_ACCEPT", "")
+    if "application/json" not in content_types:
+        raise AdminHttp405("""\
+The JSON content of this page is for internal use.
+You cannot view it on your browser.""")
    view = get_json_view_or_404(type)
    return view(request)