Login

Technical 500 by group membership

Author:
jdunck
Posted:
September 7, 2009
Language:
Python
Version:
1.1
Tags:
admin user auth debugging 500
Score:
4 (after 4 ratings)

Based loosely on Eric's middleware, this middleware will show the technical 500 page (which you'd get if DEBUG == True) to any user who is (1) superuser and (2) a member of the settings.TECHNICAL_500_GROUP_NAME group. (If no setting exists, 'Technical Errors' is the presumed group name.

I agreed with the comments that caching should be unnecessary given the (presumptive) edge case of exception + superuser. Assuming you don't have tons of superusers, this code is a good bit simpler. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
from django.conf import settings
from django.views.debug import technical_500_response
import sys

EX_GROUP_NAME = getattr(settings, 'TECHNICAL_500_GROUP_NAME', 'Technical Errors')

class UserBasedExceptionMiddleware(object):
    def process_exception(self, request, exception):
        exc_info = sys.exc_info()
        user = request.user
        if not user.is_superuser:
            return None
        if user.groups.filter(name=EX_GROUP_NAME):
            return technical_500_response(request, *exc_info)
        return None

More like this

Comments

buriy (on September 7, 2009):
<p>you better use bool(user.groups.filter(name=EX_GROUP_NAME)), count is unnecessary here ( nonzero is overloaded for querysets) and count is slow on transactional storages.</p>

#

buriy (on September 7, 2009):
<p>or just "if user.groups.filter(name=EX_GROUP_NAME)" :)</p>

#

david_bgk (on September 8, 2009):
<p>".count()" is faster but I agree that it can be tested directly in the "if" ;)</p>

#

jdunck (on September 8, 2009):
<p>I edited it to do the test in the "if" directly. Slightly less obvious code to me, now, but shrug.</p>

#

blueyed (on July 10, 2014):
<p>A drawback with this is that the "django.request" logger will be skipped, which also skips any reporting to Sentry via raven for example.</p> <p>It should therefore probably call the logger manually:</p> <pre> logger.error('Internal Server Error: %s', request.path, exc_info=exc_info, extra={ 'status_code': 500, 'request': request } ) </pre>

#

blueyed (on July 11, 2014):
<p>See https://code.djangoproject.com/ticket/23002#ticket for a related ticket.</p>

#

Please login first before commenting.