pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add Flask error handlers

Browse Source
This commit is contained in:
dandds 2018-08-08 11:26:54 -04:00
parent 2cfc142417
commit 7b8934e0cb
7 changed files with 34 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
atst/app.py
View File

@ -15,6 +15,7 @@ from atst.routes import bp
from atst.routes.workspaces import bp as workspace_routes from atst.routes.workspaces import bp as workspace_routes
from atst.routes.requests import requests_bp from atst.routes.requests import requests_bp
from atst.routes.dev import bp as dev_routes from atst.routes.dev import bp as dev_routes
from atst.routes.errors import make_error_pages
from atst.domain.authnid.crl.validator import Validator from atst.domain.authnid.crl.validator import Validator
from atst.domain.auth import apply_authentication from atst.domain.auth import apply_authentication
@ -45,6 +46,7 @@ def make_app(config):
Session(app) Session(app)
assets_environment.init_app(app) assets_environment.init_app(app)
make_error_pages(app)
app.register_blueprint(bp) app.register_blueprint(bp)
app.register_blueprint(workspace_routes) app.register_blueprint(workspace_routes)
app.register_blueprint(requests_bp) app.register_blueprint(requests_bp)

12
atst/routes/__init__.py
View File

@ -1,4 +1,4 @@
from flask import Blueprint, render_template, g, redirect, session, url_for, request from flask import Blueprint, abort, render_template, g, redirect, session, url_for, request
from flask import current_app as app from flask import current_app as app
import pendulum import pendulum
@ -39,15 +39,7 @@ def login_redirect():
return redirect(url_for("atst.home")) return redirect(url_for("atst.home"))
else: else:
return redirect(url_for("atst.unauthorized")) return abort(401)
@bp.route("/unauthorized")
def unauthorized():
template = render_template('unauthorized.html')
response = app.make_response(template)
response.status_code = 401
return response
def _is_valid_certificate(request): def _is_valid_certificate(request):

13
atst/routes/errors.py Normal file
View File

@ -0,0 +1,13 @@
from flask import render_template
def make_error_pages(app):
@app.errorhandler(404)
def not_found(e):
return render_template("not_found.html"), 404
@app.errorhandler(401)
def unauthorized(e):
return render_template('unauthorized.html'), 401

4
atst/routes/requests/requests_form.py
View File

@ -1,4 +1,4 @@
from flask import g, redirect, render_template, url_for, request as http_request from flask import abort, g, redirect, render_template, url_for, request as http_request
from . import requests_bp from . import requests_bp
from atst.domain.requests import Requests from atst.domain.requests import Requests
@ -27,7 +27,7 @@ def requests_form_new(screen):
@requests_bp.route("/requests/new/<int:screen>/<string:request_id>", methods=["GET"]) @requests_bp.route("/requests/new/<int:screen>/<string:request_id>", methods=["GET"])
def requests_form_update(screen=1, request_id=None): def requests_form_update(screen=1, request_id=None):
if request_id and not _can_view_request(request_id): if request_id and not _can_view_request(request_id):
return redirect(url_for("atst.unauthorized")) abort(404)
request = Requests.get(request_id) if request_id is not None else None request = Requests.get(request_id) if request_id is not None else None
jedi_flow = JEDIRequestFlow(screen, request, request_id=request_id) jedi_flow = JEDIRequestFlow(screen, request, request_id=request_id)

12
templates/not_found.html Normal file
View File

@ -0,0 +1,12 @@
{% extends "error_base.html" %}
{% block content %}
<main class="usa-section usa-content">
<h1>Not Found</h1>
</main>
{% endblock %}

2
tests/routes/test_request_new.py
View File

@ -49,7 +49,7 @@ def test_non_owner_cannot_view_request(client, user_session):
response = client.get("/requests/new/1/{}".format(request.id), follow_redirects=True) response = client.get("/requests/new/1/{}".format(request.id), follow_redirects=True)
assert response.status_code == 401 assert response.status_code == 404
def test_ccpo_can_view_request(client, user_session): def test_ccpo_can_view_request(client, user_session):

7
tests/test_auth.py
View File

@ -27,8 +27,7 @@ def test_successful_login_redirect(client, monkeypatch):
def test_unsuccessful_login_redirect(client, monkeypatch): def test_unsuccessful_login_redirect(client, monkeypatch):
resp = client.get("/login-redirect") resp = client.get("/login-redirect")
assert resp.status_code == 302 assert resp.status_code == 401
assert "unauthorized" in resp.headers["Location"]
assert "user_id" not in session assert "user_id" not in session
@ -55,7 +54,6 @@ def test_routes_are_protected(client, app):
UNPROTECTED_ROUTES = ["/", "/login-dev", "/login-redirect", "/unauthorized"] UNPROTECTED_ROUTES = ["/", "/login-dev", "/login-redirect", "/unauthorized"]
# this implicitly relies on the test config and test CRL in tests/fixtures/crl # this implicitly relies on the test config and test CRL in tests/fixtures/crl
@ -72,8 +70,7 @@ def test_crl_validation_on_login(client):
"HTTP_X_SSL_CLIENT_CERT": bad_cert.decode(), "HTTP_X_SSL_CLIENT_CERT": bad_cert.decode(),
}, },
) )
assert resp.status_code == 302 assert resp.status_code == 401
assert "unauthorized" in resp.headers["Location"]
assert "user_id" not in session assert "user_id" not in session
# good cert is not on the test CRL, passes # good cert is not on the test CRL, passes