blob: 5a4cd078901e26146d0c4e5208c598e72f72e696 [file] [log] [blame]
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +01001# Copyright 2016 The Chromium Authors
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
Copybara854996b2021-09-07 19:36:02 +00004
5"""A class to display the a message explaining that the user has been banned.
6
7We can ban a user for anti-social behavior. We indicate that the user is
8banned by adding a 'banned' field to their User PB in the DB. Whenever
9a user with a banned indicator visits any page, AssertBasePermission()
10checks has_banned and redirects to this page.
11"""
12from __future__ import print_function
13from __future__ import division
14from __future__ import absolute_import
15
16import logging
17
18import ezt
19
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +010020from framework import permissions
Copybara854996b2021-09-07 19:36:02 +000021from framework import servlet
22
23
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +010024class Banned(servlet.Servlet):
Copybara854996b2021-09-07 19:36:02 +000025 """The Banned page shows a message explaining that the user is banned."""
26
27 _PAGE_TEMPLATE = 'framework/banned-page.ezt'
28
29 def AssertBasePermission(self, mr):
30 """Allow banned users to see this page, and prevent non-banned users."""
31 # Note, we do not call Servlet.AssertBasePermission because
32 # that would redirect banned users here again in an endless loop.
33
34 # We only show this page to users who are banned. If a non-banned user
35 # follows a link to this URL, don't show the banned message, because that
36 # would lead to a big misunderstanding.
37 if not permissions.IsBanned(mr.auth.user_pb, mr.auth.user_view):
38 logging.info('non-banned user: %s', mr.auth.user_pb)
39 self.abort(404)
40
41 def GatherPageData(self, mr):
42 """Build up a dictionary of data values to use when rendering the page."""
43 # Aside from plus-addresses, we do not display the specific
44 # reason for banning.
45 is_plus_address = '+' in (mr.auth.user_pb.email or '')
46
47 return {
48 'is_plus_address': ezt.boolean(is_plus_address),
49
50 # Make the "Sign Out" link just sign out, don't try to bring the
51 # user back to this page after they sign out.
52 'currentPageURLEncoded': None,
53 }
Adrià Vilanova Martínezde942802022-07-15 14:06:55 +020054
Adrià Vilanova Martínez9f9ade52022-10-10 23:20:11 +020055 def GetNoAccessPage(self, **kwargs):
56 return self.handler(**kwargs)