core: handle error when ?for_user is not numberical
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
58712047e1
commit
e4790f9060
|
@ -122,7 +122,10 @@ class ApplicationViewSet(UsedByMixin, ModelViewSet):
|
||||||
# If the current user is superuser, they can set `for_user`
|
# If the current user is superuser, they can set `for_user`
|
||||||
for_user = request.user
|
for_user = request.user
|
||||||
if request.user.is_superuser and "for_user" in request.query_params:
|
if request.user.is_superuser and "for_user" in request.query_params:
|
||||||
|
try:
|
||||||
for_user = get_object_or_404(User, pk=request.query_params.get("for_user"))
|
for_user = get_object_or_404(User, pk=request.query_params.get("for_user"))
|
||||||
|
except ValueError:
|
||||||
|
return HttpResponseBadRequest("for_user must be numerical")
|
||||||
engine = PolicyEngine(application, for_user, request)
|
engine = PolicyEngine(application, for_user, request)
|
||||||
engine.use_cache = False
|
engine.use_cache = False
|
||||||
engine.build()
|
engine.build()
|
||||||
|
|
|
@ -6,8 +6,6 @@ It exposes the ASGI callable as a module-level variable named ``application``.
|
||||||
For more information on this file, see
|
For more information on this file, see
|
||||||
https://docs.djangoproject.com/en/3.0/howto/deployment/asgi/
|
https://docs.djangoproject.com/en/3.0/howto/deployment/asgi/
|
||||||
"""
|
"""
|
||||||
from time import time
|
|
||||||
|
|
||||||
import django
|
import django
|
||||||
from asgiref.compatibility import guarantee_single_callable
|
from asgiref.compatibility import guarantee_single_callable
|
||||||
from channels.routing import ProtocolTypeRouter, URLRouter
|
from channels.routing import ProtocolTypeRouter, URLRouter
|
||||||
|
|
|
@ -17,11 +17,12 @@ class ASGIErrorHandler:
|
||||||
async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
|
async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
|
||||||
try:
|
try:
|
||||||
return await self.app(scope, receive, send)
|
return await self.app(scope, receive, send)
|
||||||
except Exception as exc: # pylint: disable=
|
except Exception as exc: # pylint: disable=broad-except
|
||||||
LOGGER.warning("Fatal ASGI exception", exc=exc)
|
LOGGER.warning("Fatal ASGI exception", exc=exc)
|
||||||
return await self.error_handler(send)
|
return await self.error_handler(send)
|
||||||
|
|
||||||
async def error_handler(self, send: Send) -> None:
|
async def error_handler(self, send: Send) -> None:
|
||||||
|
"""Return a generic error message"""
|
||||||
return await send(
|
return await send(
|
||||||
{
|
{
|
||||||
"type": "http.request",
|
"type": "http.request",
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
"""ASGI Types"""
|
||||||
import typing
|
import typing
|
||||||
|
|
||||||
# See https://github.com/encode/starlette/blob/master/starlette/types.py
|
# See https://github.com/encode/starlette/blob/master/starlette/types.py
|
||||||
|
|
Reference in New Issue