Python falcon.HTTP_403 Examples
The following are 7
code examples of falcon.HTTP_403().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
falcon
, or try the search function
.
.
Example #1
| Source File: policy.py From drydock with Apache License 2.0 | 5 votes |
|
def __call__(self, f):
@functools.wraps(f)
def secure_handler(slf, req, resp, *args, **kwargs):
ctx = req.context
policy_engine = ctx.policy_engine
self.logger.debug("Enforcing policy %s on request %s" %
(self.action, ctx.request_id))
if policy_engine is not None and policy_engine.authorize(
self.action, ctx):
return f(slf, req, resp, *args, **kwargs)
else:
if ctx.authenticated:
slf.info(
ctx,
"Error - Forbidden access - action: %s" % self.action)
slf.return_error(
resp,
falcon.HTTP_403,
message="Forbidden",
retry=False)
else:
slf.info(ctx, "Error - Unauthenticated access")
slf.return_error(
resp,
falcon.HTTP_401,
message="Unauthenticated",
retry=False)
return secure_handler
Example #2
| Source File: falcon_demo.py From spectree with Apache License 2.0 | 5 votes |
|
def on_post(self, req, resp, source, target):
"""
post demo
demo for `query`, `data`, `resp`, `x`
"""
print(f'{source} => {target}')
print(req.context.query)
print(req.context.json)
if random() < 0.5:
resp.status = falcon.HTTP_403
resp.media = {'loc': 'unknown', 'msg': 'bad luck', 'typ': 'random'}
return
resp.media = {'label': int(10 * random()), 'score': random()}
Example #3
| Source File: api.py From butterknife with MIT License | 5 votes |
|
def on_get(self, req, resp, subvol):
if not self.subvol_filter.match(subvol):
resp.body = "Subvolume does not match filter"
resp.status = falcon.HTTP_403
return
suggested_filename = "%s.%s-%s-%s.csv" % (subvol.namespace, subvol.identifier, subvol.architecture, subvol.version)
resp.set_header('Content-Type', 'text/plain')
resp.stream = self.pool.manifest(subvol)
Example #4
| Source File: api.py From butterknife with MIT License | 5 votes |
|
def on_get(self, req, resp, subvol):
if not self.subvol_filter.match(subvol):
resp.body = "Subvolume does not match filter"
resp.status = falcon.HTTP_403
return
try:
resp.stream = self.pool.signature(subvol)
suggested_filename = "%s.%s-%s-%s.asc" % (subvol.namespace, subvol.identifier, subvol.architecture, subvol.version)
resp.set_header('Content-Type', 'text/plain')
resp.set_header("Cache-Control", "public")
except FileNotFoundError:
resp.body = "Signature for %s not found" % subvol
resp.status = falcon.HTTP_404
Example #5
| Source File: policy.py From drydock with Apache License 2.0 | 5 votes |
|
def __call__(self, f):
@functools.wraps(f)
def secure_handler(slf, req, resp, *args, **kwargs):
ctx = req.context
policy_engine = ctx.policy_engine
self.logger.debug("Enforcing policy %s on request %s" %
(self.action, ctx.request_id))
if policy_engine is not None and policy_engine.authorize(
self.action, ctx):
return f(slf, req, resp, *args, **kwargs)
else:
if ctx.authenticated:
slf.info(
ctx,
"Error - Forbidden access - action: %s" % self.action)
slf.return_error(
resp,
falcon.HTTP_403,
message="Forbidden",
retry=False)
else:
slf.info(ctx, "Error - Unauthenticated access")
slf.return_error(
resp,
falcon.HTTP_401,
message="Unauthenticated",
retry=False)
return secure_handler
Example #6
| Source File: policy.py From promenade with Apache License 2.0 | 4 votes |
|
def __call__(self, f):
@functools.wraps(f)
def secure_handler(slf, req, resp, *args, **kwargs):
ctx = req.context
policy_eng = ctx.policy_engine
# policy engine must be configured
if policy_eng is not None:
LOG.debug(
'Enforcing policy %s on request %s using engine %s',
self.action,
ctx.request_id,
policy_eng.__class__.__name__,
ctx=ctx)
else:
LOG.error('No policy engine configured', ctx=ctx)
raise ex.PromenadeException(
title="Auth is not being handled by any policy engine",
status=falcon.HTTP_500,
retry=False)
authorized = False
try:
if policy_eng.authorize(self.action, ctx):
LOG.debug('Request is authorized', ctx=ctx)
authorized = True
except Exception:
LOG.exception(
'Error authorizing request for action %s',
self.action,
ctx=ctx)
raise ex.ApiError(
title="Expectation Failed",
status=falcon.HTTP_417,
retry=False)
if authorized:
return f(slf, req, resp, *args, **kwargs)
else:
# raise the appropriate response exeception
if ctx.authenticated:
LOG.error(
'Unauthorized access attempted for action %s',
self.action,
ctx=ctx)
raise ex.ApiError(
title="Forbidden",
status=falcon.HTTP_403,
description="Credentials do not permit access",
retry=False)
else:
LOG.error(
'Unathenticated access attempted for action %s',
self.action,
ctx=ctx)
raise ex.ApiError(
title="Unauthenticated",
status=falcon.HTTP_401,
description="Credentials are not established",
retry=False)
return secure_handler
Example #7
| Source File: policy.py From shipyard with Apache License 2.0 | 4 votes |
|
def check_auth(ctx, rule):
"""Checks the authorization to the requested rule
:param ctx: the request context for the action being performed
:param rule: the name of the policy rule to validate the user in the
context against
Returns if authorized, otherwise raises an ApiError.
"""
try:
policy_eng = ctx.policy_engine
LOG.info("Policy Engine: %s", policy_eng.__class__.__name__)
# perform auth
LOG.info("Enforcing policy %s on request %s", rule, ctx.request_id)
# policy engine must be configured
if policy_eng is None:
LOG.error(
"Error-Policy engine required-action: %s", rule)
raise AppError(
title="Auth is not being handled by any policy engine",
status=falcon.HTTP_500,
retry=False
)
if policy_eng.authorize(rule, ctx):
# authorized - log and return
LOG.info("Request to %s is authorized", rule)
return
except Exception as ex:
# couldn't service the auth request
LOG.exception("Error - Expectation Failed - action: %s", rule)
raise ApiError(
title="Expectation Failed",
status=falcon.HTTP_417,
retry=False
)
# raise the appropriate response exeception
if ctx.authenticated:
# authenticated but not authorized
LOG.error("Error: Forbidden access - action: %s", rule)
raise ApiError(
title="Forbidden",
status=falcon.HTTP_403,
description="Credentials do not permit access",
retry=False
)
else:
LOG.error("Error - Unauthenticated access")
raise ApiError(
title="Unauthenticated",
status=falcon.HTTP_401,
description="Credentials are not established",
retry=False
)
