Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 1 | # Copyright 2016 The Chromium Authors |
| 2 | # Use of this source code is governed by a BSD-style license that can be |
| 3 | # found in the LICENSE file. |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 4 | |
| 5 | """A class to display the a message explaining that the user has been banned. |
| 6 | |
| 7 | We can ban a user for anti-social behavior. We indicate that the user is |
| 8 | banned by adding a 'banned' field to their User PB in the DB. Whenever |
| 9 | a user with a banned indicator visits any page, AssertBasePermission() |
| 10 | checks has_banned and redirects to this page. |
| 11 | """ |
| 12 | from __future__ import print_function |
| 13 | from __future__ import division |
| 14 | from __future__ import absolute_import |
| 15 | |
| 16 | import logging |
| 17 | |
| 18 | import ezt |
| 19 | |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 20 | from framework import permissions |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 21 | from framework import servlet |
| 22 | |
| 23 | |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 24 | class Banned(servlet.Servlet): |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 25 | """The Banned page shows a message explaining that the user is banned.""" |
| 26 | |
| 27 | _PAGE_TEMPLATE = 'framework/banned-page.ezt' |
| 28 | |
| 29 | def AssertBasePermission(self, mr): |
| 30 | """Allow banned users to see this page, and prevent non-banned users.""" |
| 31 | # Note, we do not call Servlet.AssertBasePermission because |
| 32 | # that would redirect banned users here again in an endless loop. |
| 33 | |
| 34 | # We only show this page to users who are banned. If a non-banned user |
| 35 | # follows a link to this URL, don't show the banned message, because that |
| 36 | # would lead to a big misunderstanding. |
| 37 | if not permissions.IsBanned(mr.auth.user_pb, mr.auth.user_view): |
| 38 | logging.info('non-banned user: %s', mr.auth.user_pb) |
| 39 | self.abort(404) |
| 40 | |
| 41 | def GatherPageData(self, mr): |
| 42 | """Build up a dictionary of data values to use when rendering the page.""" |
| 43 | # Aside from plus-addresses, we do not display the specific |
| 44 | # reason for banning. |
| 45 | is_plus_address = '+' in (mr.auth.user_pb.email or '') |
| 46 | |
| 47 | return { |
| 48 | 'is_plus_address': ezt.boolean(is_plus_address), |
| 49 | |
| 50 | # Make the "Sign Out" link just sign out, don't try to bring the |
| 51 | # user back to this page after they sign out. |
| 52 | 'currentPageURLEncoded': None, |
| 53 | } |
Adrià Vilanova Martínez | de94280 | 2022-07-15 14:06:55 +0200 | [diff] [blame] | 54 | |
Adrià Vilanova Martínez | 9f9ade5 | 2022-10-10 23:20:11 +0200 | [diff] [blame] | 55 | def GetNoAccessPage(self, **kwargs): |
| 56 | return self.handler(**kwargs) |