本文整理汇总了Python中werkzeug.exceptions.Forbidden方法的典型用法代码示例。如果您正苦于以下问题:Python exceptions.Forbidden方法的具体用法?Python exceptions.Forbidden怎么用?Python exceptions.Forbidden使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类werkzeug.exceptions的用法示例。
在下文中一共展示了exceptions.Forbidden方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: post
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def post(self, name):
if not may(DELETE):
raise Forbidden()
try:
with current_app.storage.open(name) as item:
if not item.meta[COMPLETE] and not may(ADMIN):
error = 'Upload incomplete. Try again later.'
return render_template('error.html', heading=item.meta[FILENAME], body=error), 409
if item.meta[LOCKED] and not may(ADMIN):
raise Forbidden()
current_app.storage.remove(name)
except (OSError, IOError) as e:
if e.errno == errno.ENOENT:
raise NotFound()
raise
return redirect_next_referrer('bepasty.index') 示例2: post
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def post(self, name):
if self.REQUIRED_PERMISSION is not None and not may(self.REQUIRED_PERMISSION):
raise Forbidden()
try:
with current_app.storage.openwrite(name) as item:
if item.meta[self.KEY] == self.NEXT_VALUE:
error = '%s already is %r.' % (self.KEY, self.NEXT_VALUE)
elif not item.meta[COMPLETE]:
error = 'Upload incomplete. Try again later.'
else:
error = None
if error:
return render_template('error.html', heading=item.meta[FILENAME], body=error), 409
item.meta[self.KEY] = self.NEXT_VALUE
return redirect_next_referrer('bepasty.display', name=name)
except (OSError, IOError) as e:
if e.errno == errno.ENOENT:
raise NotFound()
raise 示例3: get
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def get(self, name):
if not may(CREATE):
raise Forbidden()
try:
item = current_app.storage.open(name)
except (OSError, IOError) as e:
if e.errno == errno.ENOENT:
return 'No file found.', 404
raise
if item.meta[COMPLETE]:
error = 'Upload complete. Cannot delete fileupload garbage.'
else:
error = None
if error:
return error, 409
try:
item = current_app.storage.remove(name)
except (OSError, IOError) as e:
if e.errno == errno.ENOENT:
raise NotFound()
raise
return 'Upload aborted' 示例4: post
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def post(self):
if not may(CREATE):
raise Forbidden()
lang = request.form.get('language')
content_type = self.TRANS.get(lang)
content_type_hint = 'text/plain'
filename = None
t = request.form['code']
# t is already unicode, but we want utf-8 for storage
t = t.encode('utf-8')
size = len(t)
f = BytesIO(t)
maxlife_timestamp = FOREVER
name = create_item(f, filename, size, content_type, content_type_hint,
maxlife_stamp=maxlife_timestamp)
return redirect_next('bepasty.display', name=name, _anchor=url_quote(filename)) 示例5: test_authed_user_api_request_forbidden
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def test_authed_user_api_request_forbidden(self, client, monkeypatch):
client.login_user()
# really we're mocking flask.request.is_json to True, but for some
# reason, monkeypatch shits a brick trying to mock @property attrs
monkeypatch.setattr('flask.request._parsed_content_type',
['application/json'])
@anonymous_user_required
def method():
raise MethodCalled
with pytest.raises(Forbidden):
method()
monkeypatch.undo() 示例6: test_lock_it_down_raise_exception
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def test_lock_it_down_raise_exception():
app = Flask("test_lock_it_down_raise_exception")
app.debug = True
bouncer = Bouncer(app, ensure_authorization=True)
@bouncer.authorization_method
def define_authorization(user, they):
they.can('browse', Article)
# Non decorated route -- should raise an Forbidden
@app.route("/articles")
def articles_index():
return "A bunch of articles"
client = app.test_client()
jonathan = User(name='jonathan', admin=False)
with user_set(app, jonathan):
resp = client.get('/articles') 示例7: test_bypass_route
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def test_bypass_route():
app = Flask("test_lock_it_down_raise_exception")
app.debug = True
bouncer = Bouncer(app, ensure_authorization=True)
@bouncer.authorization_method
def define_authorization(user, they):
they.can('browse', Article)
# Non decorated route -- should raise an Forbidden
@app.route("/articles")
@skip_authorization
def articles_index():
return "A bunch of articles"
client = app.test_client()
jonathan = User(name='jonathan', admin=False)
with user_set(app, jonathan):
resp = client.get('/articles')
eq_(b"A bunch of articles", resp.data) 示例8: _test_permissions
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def _test_permissions(
client,
usr,
permissions,
will_succeed,
kwargs=None,
):
request.view_args.update({'service_id': 'foo'})
if usr:
client.login(usr)
decorator = user_has_permissions(*permissions, **(kwargs or {}))
decorated_index = decorator(index)
if will_succeed:
decorated_index()
else:
try:
if (
decorated_index().location != '/sign-in?next=%2F' or
decorated_index().status_code != 302
):
pytest.fail("Failed to throw a forbidden or unauthorised exception")
except (Forbidden, Unauthorized):
pass 示例9: test_user_doesnt_have_permissions_for_organisation
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def test_user_doesnt_have_permissions_for_organisation(
client,
mocker,
):
user = _user_with_permissions()
user['organisations'] = ['org_1', 'org_2']
mocker.patch('app.user_api_client.get_user', return_value=user)
client.login(user)
request.view_args = {'org_id': 'org_3'}
@user_has_permissions()
def index():
pass
with pytest.raises(Forbidden):
index() 示例10: test_abort_if_not_public
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def test_abort_if_not_public(self):
"""Test that if g.requires_auth has an effect.
If it is True and no user is there (and no admin) then it will abort.
"""
with self._init_context():
# user is None by default, admin is False
# g.auth_required not set (e.g. no amivauth subclass) -> nothing
abort_if_not_public()
# Set to False -> nothing
g.auth_required = False
abort_if_not_public()
# Set to True -> abort(401)/Forbidden
g.auth_required = True
with self.assertRaises(Unauthorized):
abort_if_not_public()
# User was found -> no abort
g.current_user = "something"
abort_if_not_public()
# Tests for authentication 示例11: issue_usr
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def issue_usr(body, requested_permissions):
email = get_user_email()
if not email:
raise Forbidden("Authenticate with a user-related "
"mechanism to issue user tokens")
session = g.db.session('relengapi')
token_row = tables.Token(
typ='usr',
user=email,
description=body.description,
permissions=requested_permissions,
disabled=False)
session.add(token_row)
session.commit()
rv = token_row.to_jsontoken()
rv.token = tokenstr.claims_to_str(
{'iss': 'ra2', 'typ': 'usr', 'jti': 't%d' % token_row.id})
return rv 示例12: query_token
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def query_token(body):
"""Get a token, specified by the token key given in the request body
(this avoids embedding a token in a URL, where it might be logged).
The caller must have permission to view this type of token, unless
the token is limited-duration (in which case the API is simply
decoding the JSON web token anyway)."""
# use the token loader to interpret the token
user = loader.token_loader.from_str(body)
if not user:
raise NotFound
if not can_access_token('view',
user.claims['typ'],
getattr(user, 'authenticated_email', None)):
raise Forbidden
return user_to_jsontoken(user) 示例13: get
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def get(self):
if not may(LIST):
raise Forbidden()
files = sorted(file_infos(), key=lambda f: f[TIMESTAMP_UPLOAD], reverse=True)
return render_template('filelist.html', files=files) 示例14: csrf_protect
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def csrf_protect():
if request.method not in ('GET', 'HEAD', 'OPTIONS', 'TRACE'):
referer = request.headers.get('Referer')
if referer is None or different_origin(referer, request.url_root):
raise Forbidden(description="Referer check failed.") 示例15: csrf_protect
# 需要导入模块: from werkzeug import exceptions [as 别名]
# 或者: from werkzeug.exceptions import Forbidden [as 别名]
def csrf_protect():
if request.method not in ('GET', 'HEAD', 'OPTIONS', 'TRACE'):
referer = request.headers.get('Referer')
print(referer)
if referer is None or different_origin(referer, request.url_root):
raise Forbidden(description="Referer check failed.")