blob: 231f76ff034d7338ab358a23fa8201f6ff270c8e [file] [log] [blame]
Copybara854996b2021-09-07 19:36:02 +00001# Copyright 2016 The Chromium Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style
3# license that can be found in the LICENSE file or at
4# https://developers.google.com/open-source/licenses/bsd
5
6"""A class to display the a message explaining that the user has been banned.
7
8We can ban a user for anti-social behavior. We indicate that the user is
9banned by adding a 'banned' field to their User PB in the DB. Whenever
10a user with a banned indicator visits any page, AssertBasePermission()
11checks has_banned and redirects to this page.
12"""
13from __future__ import print_function
14from __future__ import division
15from __future__ import absolute_import
16
17import logging
18
19import ezt
20
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +020021from framework import flaskservlet, permissions
Copybara854996b2021-09-07 19:36:02 +000022from framework import servlet
23
24
25class Banned(servlet.Servlet):
26 """The Banned page shows a message explaining that the user is banned."""
27
28 _PAGE_TEMPLATE = 'framework/banned-page.ezt'
29
30 def AssertBasePermission(self, mr):
31 """Allow banned users to see this page, and prevent non-banned users."""
32 # Note, we do not call Servlet.AssertBasePermission because
33 # that would redirect banned users here again in an endless loop.
34
35 # We only show this page to users who are banned. If a non-banned user
36 # follows a link to this URL, don't show the banned message, because that
37 # would lead to a big misunderstanding.
38 if not permissions.IsBanned(mr.auth.user_pb, mr.auth.user_view):
39 logging.info('non-banned user: %s', mr.auth.user_pb)
40 self.abort(404)
41
42 def GatherPageData(self, mr):
43 """Build up a dictionary of data values to use when rendering the page."""
44 # Aside from plus-addresses, we do not display the specific
45 # reason for banning.
46 is_plus_address = '+' in (mr.auth.user_pb.email or '')
47
48 return {
49 'is_plus_address': ezt.boolean(is_plus_address),
50
51 # Make the "Sign Out" link just sign out, don't try to bring the
52 # user back to this page after they sign out.
53 'currentPageURLEncoded': None,
54 }
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +020055
56 # def GetNoAccessPage(self, **kwargs):
57 # return self.handler(**kwargs)