Gitiles
Code Review Sign In
gerrit.opencord.org / xos / 923f096557d961d6c5e0460a2036bcbd569da76a^! / . / planetstack / apigen / api.template.py
commit923f096557d961d6c5e0460a2036bcbd569da76a[log] [tgz]
authorScott Baker <smbaker@gmail.com>Mon Feb 02 14:33:08 2015 -0800
committerScott Baker <smbaker@gmail.com>Mon Feb 02 14:33:08 2015 -0800
treea86f25c6bd1106607823bae4bbdd30fad855db1b
parentdaca81681a2a7c802e0f191c12016e5fc3296cf9 [diff] [blame]
meaning error messages in REST permission errors

diff --git a/planetstack/apigen/api.template.py b/planetstack/apigen/api.template.py
index 7051c13..eb3074d 100644
--- a/planetstack/apigen/api.template.py
+++ b/planetstack/apigen/api.template.py

@@ -10,6 +10,7 @@
 from rest_framework import filters
 from django.conf.urls import patterns, url
 from rest_framework.exceptions import PermissionDenied as RestFrameworkPermissionDenied
+from django.core.exceptions import PermissionDenied as DjangoPermissionDenied
 
 if hasattr(serializers, "ReadOnlyField"):
     # rest_framework 3.x
@@ -202,15 +203,35 @@
     def destroy(self, request, *args, **kwargs):
         obj = self.get_object()
         if obj.can_update(request.user):
-            return super(generics.RetrieveUpdateDestroyAPIView, self).destroy(request, *args, **kwargs)
+            return super(PlanetStackRetrieveUpdateDestroyAPIView, self).destroy(request, *args, **kwargs)
         else:
             return Response(status=status.HTTP_400_BAD_REQUEST)
 
+    def handle_exception(self, exc):
+        # REST API drops the string attached to Django's PermissionDenied
+        # exception, and replaces it with a generic "Permission Denied"
+        if isinstance(exc, DjangoPermissionDenied):
+            response=Response({'detail': str(exc)}, status=status.HTTP_403_FORBIDDEN)
+            response.exception=True
+            return response
+        else:
+            return super(PlanetStackRetrieveUpdateDestroyAPIView, self).handle_exception(exc)
+
+class PlanetStackListCreateAPIView(generics.ListCreateAPIView):
+    def handle_exception(self, exc):
+        # REST API drops the string attached to Django's PermissionDenied
+        # exception, and replaces it with a generic "Permission Denied"
+        if isinstance(exc, DjangoPermissionDenied):
+            response=Response({'detail': str(exc)}, status=status.HTTP_403_FORBIDDEN)
+            response.exception=True
+            return response
+        else:
+            return super(PlanetStackListCreateAPIView, self).handle_exception(exc)
 
 # Based on core/views/*.py
 {% for object in generator.all %}
 
-class {{ object.camel }}List(generics.ListCreateAPIView):
+class {{ object.camel }}List(PlanetStackListCreateAPIView):
     queryset = {{ object.camel }}.objects.select_related().all()
     serializer_class = {{ object.camel }}Serializer
     id_serializer_class = {{ object.camel }}IdSerializer