Merge pull request #4038 from edx/anton/redirect-on-error

Add 401 error handler.

Merge pull request #4038 from edx/anton/redirect-on-error
Add 401 error handler.
8201c990 · Anton Stupak · b989ec14 · 584da69b · 8201c990 · 8201c990
Commit 8201c990 authored Jul 01, 2014 by Anton Stupak
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 3 deletions

lms/djangoapps/courseware/module_render.py
+2 -3

lms/djangoapps/courseware/tests/test_module_render.py
+1 -0

lms/envs/common.py
+1 -0

lms/static/js/ajax-error.js
+15 -0

No files found.
--- a/lms/djangoapps/courseware/module_render.py
+++ b/lms/djangoapps/courseware/module_render.py
@@ -12,7 +12,6 @@ from opaque_keys import InvalidKeyError
 from django.conf import settings
 from django.contrib.auth.models import User
 from django.core.cache import cache
-from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse
 from django.http import Http404, HttpResponse
 from django.views.decorators.csrf import csrf_exempt
@@ -632,13 +631,13 @@ def handle_xblock_callback(request, course_id, usage_id, handler, suffix=None):
      - location -- the module location. Used to look up the XModule instance
      - course_id -- defines the course context for this request.
-    Raises PermissionDenied if the user is not logged in. Raises Http404 if
+    Return 403 error if the user is not logged in. Raises Http404 if
    the location and course_id do not identify a valid module, the module is
    not accessible by the user, or the module raises NotFoundError. If the
    module raises any other error, it will escape this function.
    """
    if not request.user.is_authenticated():
-        raise PermissionDenied
+        return HttpResponse('Unauthenticated', status=403)
    return _invoke_xblock_handler(request, course_id, usage_id, handler, suffix, request.user)

--- a/lms/djangoapps/courseware/tests/test_module_render.py
+++ b/lms/djangoapps/courseware/tests/test_module_render.py
@@ -160,6 +160,7 @@ class ModuleRenderTestCase(ModuleStoreTestCase, LoginEnrollmentTestCase):
        )
        response = self.client.post(dispatch_url, {'position': 2})
        self.assertEquals(403, response.status_code)
+        self.assertEquals('Unauthenticated', response.content)
 @override_settings(MODULESTORE=TEST_DATA_MIXED_MODULESTORE)

--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -854,6 +854,7 @@ courseware_js = (
        'coffee/src/' + pth + '.js'
        for pth in ['courseware', 'histogram', 'navigation', 'time']
    ] +
+    ['js/' + pth + '.js' for pth in ['ajax-error']] +
    sorted(rooted_glob(PROJECT_ROOT / 'static', 'coffee/src/modules/**/*.js'))
 )

--- a/lms/static/js/ajax-error.js
+++ b/lms/static/js/ajax-error.js
+$(document).ajaxError(function (event, jXHR) {
+    if (jXHR.status === 403 && jXHR.responseText === 'Unauthenticated') {
+        var message = gettext(
+            'You have been logged out of your edX account. '+
+            'Click Okay to log in again now. '+
+            'Click Cancel to stay on this page '+
+            '(you must log in again to save your work).'
+        );
+        if (window.confirm(message)) {
+            var currentLocation = window.location.href;
+            window.location.href = '/accounts/login?next=' + currentLocation;
+        };
+    }
+});