The SIO2 project
  1. The SIO2 project
  2. SIO-1182

when only_default_contest is set, not allowed users see "403 Forbidden"

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: Far Future
    • Fix Version/s: 0.1.6
    • Component/s: OIOIOI
    • Labels:
      None

      Activity

      Mateusz Kwapich made changes -
      Field Original Value New Value
      Fix Version/s 0.1.6 [ 11300 ]
      Mateusz Kwapich made changes -
      Assignee Maciej Dębski [ winemore ]
      Maciej Dębski made changes -
      Status New [ 10000 ] Open [ 1 ]
      Hide
      Maciej Dębski added a comment -
      After logging as not allowed user, one gets redirected to dashboard.
      Dashboard view uses @enforce_condition(can_enter_contest), which throws 403.

      Same behaviour may be observed while trying to change contest to one we're not participant of.
      With only_default_contest situation is worse, as user have no easy way to logout.

      Proposed fix:
      write @gently_enforce_condition decorator, which on False will show nice page saying user has no access there.
      Page template shall probably inherit just after base.html
      Show
      Maciej Dębski added a comment - After logging as not allowed user, one gets redirected to dashboard. Dashboard view uses @enforce_condition(can_enter_contest), which throws 403. Same behaviour may be observed while trying to change contest to one we're not participant of. With only_default_contest situation is worse, as user have no easy way to logout. Proposed fix: write @gently_enforce_condition decorator, which on False will show nice page saying user has no access there. Page template shall probably inherit just after base.html
      Maciej Dębski made changes -
      Status Open [ 1 ] In Progress [ 3 ]
      Hide
      Maciej Dębski added a comment -
      Alternative fix:
      In RegistrationController, and possibly other places make can_enter_contest return AccessDenied decision with rendered response instead of bool.
      Show
      Maciej Dębski added a comment - Alternative fix: In RegistrationController, and possibly other places make can_enter_contest return AccessDenied decision with rendered response instead of bool.
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 1
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

      Added gently_enforce_condition decorator, which returns nicer 403.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 1 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 2
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

      Added gently_enforce_condition decorator, which
      returns nicer 403.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 2 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 3
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

      Added gently_enforce_condition decorator, which
      returns nicer 403.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 3 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added gently_enforce_condition decorator, which returns nicer 403. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 4
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

      Added nice 403 page.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 4 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 5
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden"

      Added nice 403 page.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 5 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 when only_default_contest is set, not allowed users see "403 Forbidden" Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Hide
      Gerrit Gerrit added a comment -
      Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 6
      https://gerrit.sio2project.mimuw.edu.pl/1569

      SIO-1182 Added nice 403 page.

      Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Show
      Gerrit Gerrit added a comment - Change Ie14b5162e92717590ce1ed3f481350fc5800c3e8, patchset 6 https://gerrit.sio2project.mimuw.edu.pl/1569 SIO-1182 Added nice 403 page. Change-Id: Ie14b5162e92717590ce1ed3f481350fc5800c3e8
      Maciej Dębski made changes -
      Status In Progress [ 3 ] Resolved [ 5 ]
      Assignee Maciej Dębski [ winemore ] Szymon Acedański [ accek ]
      Resolution Fixed [ 1 ]
      Mateusz Kwapich made changes -
      Status Resolved [ 5 ] Closed [ 6 ]
      Transition Time In Source Status Execution Times Last Executer Last Execution Date
      New New Open Open
      13d 17h 43m 1 Maciej Dębski 2013-03-2 18:18
      Open Open In Progress In Progress
      13m 51s 1 Maciej Dębski 2013-03-2 18:32
      In Progress In Progress Resolved Resolved
      3d 23h 16m 1 Maciej Dębski 2013-03-6 17:48
      Resolved Resolved Closed Closed
      5d 1h 6m 1 Mateusz Kwapich 2013-03-11 18:54

        People

        • Assignee:
          Szymon Acedański
          Reporter:
          Michał Adamczyk
        • Votes:
          0 Vote for this issue
          Watchers:
          0 Start watching this issue

          Dates

          • Created:
            Updated:
            Resolved: