Merge pull request #4038 from edx/anton/redirect-on-error

Add 401 error handler.
2014-07-01 17:03:09 +03:00
parent b989ec149a 584da69bee
commit 8201c9906a
4 changed files with 19 additions and 3 deletions
--- a/lms/djangoapps/courseware/module_render.py
+++ b/lms/djangoapps/courseware/module_render.py
@@ -12,7 +12,6 @@ from opaque_keys import InvalidKeyError
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.cache import cache
-from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse
 from django.http import Http404, HttpResponse
 from django.views.decorators.csrf import csrf_exempt
@@ -632,13 +631,13 @@ def handle_xblock_callback(request, course_id, usage_id, handler, suffix=None):
      - location -- the module location. Used to look up the XModule instance
      - course_id -- defines the course context for this request.

-    Raises PermissionDenied if the user is not logged in. Raises Http404 if
+    Return 403 error if the user is not logged in. Raises Http404 if
    the location and course_id do not identify a valid module, the module is
    not accessible by the user, or the module raises NotFoundError. If the
    module raises any other error, it will escape this function.
    """
    if not request.user.is_authenticated():
-        raise PermissionDenied
+        return HttpResponse('Unauthenticated', status=403)

    return _invoke_xblock_handler(request, course_id, usage_id, handler, suffix, request.user)

--- a/lms/djangoapps/courseware/tests/test_module_render.py
+++ b/lms/djangoapps/courseware/tests/test_module_render.py
@@ -160,6 +160,7 @@ class ModuleRenderTestCase(ModuleStoreTestCase, LoginEnrollmentTestCase):
        )
        response = self.client.post(dispatch_url, {'position': 2})
        self.assertEquals(403, response.status_code)
+        self.assertEquals('Unauthenticated', response.content)


@override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -854,6 +854,7 @@ courseware_js = (
        'coffee/src/' + pth + '.js'
        for pth in ['courseware', 'histogram', 'navigation', 'time']
    ] +
+    ['js/' + pth + '.js' for pth in ['ajax-error']] +
    sorted(rooted_glob(PROJECT_ROOT / 'static', 'coffee/src/modules/**/*.js'))
 )

--- a/lms/static/js/ajax-error.js
+++ b/lms/static/js/ajax-error.js
@@ -0,0 +1,15 @@
+$(document).ajaxError(function (event, jXHR) {
+    if (jXHR.status === 403 && jXHR.responseText === 'Unauthenticated') {
+        var message = gettext(
+            'You have been logged out of your edX account. '+
+            'Click Okay to log in again now. '+
+            'Click Cancel to stay on this page '+
+            '(you must log in again to save your work).'
+        );
+
+        if (window.confirm(message)) {
+            var currentLocation = window.location.href;
+            window.location.href = '/accounts/login?next=' + currentLocation;
+        };
+    }
+});