Mercurial > p > roundup > code

annotate roundup/cgi/exceptions.py @ 8505:299edbd03ddf

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
bug: rearrange test condition to optimize test w/ most likely to fail first and expensive permission check last
author John Rouillard <rouilj@ieee.org>
date Tue, 23 Dec 2025 22:11:23 -0500
parents ef1ea918b07a
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 2924
diff changeset
1 """Exceptions for use in Roundup's web interface.
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 2924
diff changeset
2 """
2129
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents: 2062
diff changeset
3
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents: 2062
diff changeset
4 __docformat__ = 'restructuredtext'
3fd672293712 add and use Reject exception [SF#700265]
Richard Jones <richard@users.sourceforge.net>
parents: 2062
diff changeset
5
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
6 from roundup.exceptions import LoginError, Unauthorised # noqa: F401
5800
1a835db41674 Call cgi.escape only on python 2. Replace with html.escapeif it can be
John Rouillard <rouilj@ieee.org>
parents: 5630
diff changeset
7
5837
883c9e90b403 Fix problem with cgi.escape being depricated a different way. This way
John Rouillard <rouilj@ieee.org>
parents: 5800
diff changeset
8 from roundup.anypy.html import html_escape
2062
f6d7ccce8d96 cgi exceptions fix
Richard Jones <richard@users.sourceforge.net>
parents: 2052
diff changeset
9
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
10 from roundup.exceptions import RoundupException
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
11
6973
a1cffeef5f87 flak8 spacing fixes.
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
12
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
13 class RoundupCGIException(RoundupException):
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
14 pass
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
15
6973
a1cffeef5f87 flak8 spacing fixes.
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
16
8411
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
17 class Reauth(RoundupCGIException):
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
18 """Raised by auditor, to trigger password verification before commit.
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
19
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
20 Before committing changes to sensitive fields, triggers the
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
21 following workflow:
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
22
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
23 1. user is presented with a page to enter his/her password
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
24 2. page is submitted to reauth action
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
25 3. password is verified by LoginAction.verifyPassword
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
26 4. change is committed to database.
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
27
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
28 If 3 fails, restart at step 1.
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
29
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
30 Client.reauth() method is used to handle step 1. Should be
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
31 able to be overridden in interfaces.py. Step 2 is done by
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
32 _generic.reauth.html. Steps 3 and 4 (and cycle back to 1) is
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
33 done by cgi/actions.py:Reauth action.
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
34 """
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
35 pass
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
36
ef1ea918b07a feat(security): Add user confirmation/reauth for sensitive changes
John Rouillard <rouilj@ieee.org>
parents: 8408
diff changeset
37
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
38 class HTTPException(RoundupCGIException):
8407
700424ba015c Doc: add docstrings to http exceptions
John Rouillard <rouilj@ieee.org>
parents: 6973
diff changeset
39 """Base exception for all HTTP error codes."""
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
40 pass
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
41
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
42
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
43 class Redirect(HTTPException):
8407
700424ba015c Doc: add docstrings to http exceptions
John Rouillard <rouilj@ieee.org>
parents: 6973
diff changeset
44 """HTTP 302 status code"""
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
45 pass
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
46
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
47
8408
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
48 class NotModified(HTTPException):
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
49 """HTTP 304 status code"""
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
50 pass
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
51
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
52
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
53 class NotFound(HTTPException):
8407
700424ba015c Doc: add docstrings to http exceptions
John Rouillard <rouilj@ieee.org>
parents: 6973
diff changeset
54 """HTTP 404 status code unless self.response_code is set to
700424ba015c Doc: add docstrings to http exceptions
John Rouillard <rouilj@ieee.org>
parents: 6973
diff changeset
55 400 prior to raising exception.
700424ba015c Doc: add docstrings to http exceptions
John Rouillard <rouilj@ieee.org>
parents: 6973
diff changeset
56 """
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
57 pass
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
58
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
59
8408
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
60 class PreconditionFailed(HTTPException):
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
61 """HTTP 412 status code"""
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
62 pass
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
63
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
64
8408
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
65 class RateLimitExceeded(HTTPException):
e882a5d52ae5 refactor: move RateLimitExceeded to roundup.cgi.exceptions
John Rouillard <rouilj@ieee.org>
parents: 8407
diff changeset
66 """HTTP 429 error code"""
5630
07abc8d36940 Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents: 5264
diff changeset
67 pass
07abc8d36940 Add etag support to rest interface to prevent multiple users from
John Rouillard <rouilj@ieee.org>
parents: 5264
diff changeset
68
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
69
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
70 class DetectorError(RoundupException):
5079
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
71 """Raised when a detector throws an exception.
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
72 Contains details of the exception."""
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
73 def __init__(self, subject, html, txt):
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
74 self.subject = subject
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
75 self.html = html
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
76 self.txt = txt
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
77 BaseException.__init__(self, subject + ' ' + txt)
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
78
5079
65fef7858606 issue2550826 IOError in detector causes apache 'premature end of script headers' error
John Rouillard <rouilj@ieee.org>
parents: 4083
diff changeset
79
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
80 class FormError(ValueError):
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
81 """An 'expected' exception occurred during form parsing.
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
82
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
83 That is, something we know can go wrong, and don't want to alarm the user
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
84 with.
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
85
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
86 We trap this at the user interface level and feed back a nice error to the
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
87 user.
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
88
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
89 """
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
90 pass
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
91
6973
a1cffeef5f87 flak8 spacing fixes.
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
92
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6123
diff changeset
93 class IndexerQueryError(RoundupException):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6123
diff changeset
94 """Raised to handle errors from FTS searches due to query
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6123
diff changeset
95 syntax errors.
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6123
diff changeset
96 """
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6123
diff changeset
97 pass
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
98
6973
a1cffeef5f87 flak8 spacing fixes.
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
99
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
100 class SendFile(RoundupException):
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
101 """Send a file from the database."""
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
102
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
103
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
104 class SendStaticFile(RoundupException):
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
diff changeset
105 """Send a static file from the instance html directory."""
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
106
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
107
6123
c177e7128dc9 issue2551083 Replace BaseException and Exception with RoundupException
John Rouillard <rouilj@ieee.org>
parents: 6039
diff changeset
108 class SeriousError(RoundupException):
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
109 """Raised when we can't reasonably display an error message on a
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
110 templated page.
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
111
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
112 The exception value will be displayed in the error page, HTML
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
113 escaped.
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
114 """
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
115 def __str__(self):
4083
bbab97f8ffb2 XMLRPC improvements:
Stefan Seefeld <stefan@seefeld.name>
parents: 2924
diff changeset
116 return """
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
117 <html><head><title>Roundup issue tracker: An error has occurred</title>
2278
93bd8c4d43ef in HTML produced by SeriousError.__str__():
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2129
diff changeset
118 <link rel="stylesheet" type="text/css" href="@@file/style.css">
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
119 </head>
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
120 <body class="body" marginwidth="0" marginheight="0">
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
121 <p class="error-message">%s</p>
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
122 </body></html>
6039
0dc1e0222353 flake8 whitespace changes, suppress unused import warning
John Rouillard <rouilj@ieee.org>
parents: 5877
diff changeset
123 """ % html_escape(self.args[0])
2052
78e6a1e4984e forward-port from maint branch
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
124
2924
df4a3355ee8f added LoginError; fix vim modeline
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2278
diff changeset
125 # vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/