diff --git a/settings/branson.py b/settings/branson.py
index 1e6dbcc7059b1add1152723aa537ebbae7734bbd..ba822b2cae47ed49a35ddeca56b510f644aeb622 100644
--- a/settings/branson.py
+++ b/settings/branson.py
@@ -66,20 +66,20 @@ MIDDLEWARE_CLASSES = [
# 'debug_toolbar.middleware.DebugToolbarMiddleware',
]
-INSTALLED_APPS = (
- 'django.contrib.auth',
- 'django.contrib.admin',
- 'django.contrib.contenttypes',
- 'django.contrib.sessions',
- 'django.contrib.sites',
- 'django.contrib.staticfiles',
- 'gracedb',
- 'userprofile',
- 'ligoauth',
- 'rest_framework',
- 'south',
-# 'debug_toolbar',
-)
+#INSTALLED_APPS = (
+# 'django.contrib.auth',
+# 'django.contrib.admin',
+# 'django.contrib.contenttypes',
+# 'django.contrib.sessions',
+# 'django.contrib.sites',
+# 'django.contrib.staticfiles',
+# 'gracedb',
+# 'userprofile',
+# 'ligoauth',
+# 'rest_framework',
+# 'south',
+## 'debug_toolbar',
+#)
#INTERNAL_IPS = (
# '129.89.61.55',
diff --git a/settings/default.py b/settings/default.py
index 2ca3af00a8a7290080ec100ae4d0ba9af35199bc..fb51ddb7d69c336ad012660fd264b95202cc107c 100644
--- a/settings/default.py
+++ b/settings/default.py
@@ -183,8 +183,12 @@ AUTHENTICATION_BACKENDS = (
# 'ligoauth.middleware.auth.RemoteUserBackend',
# 'ligodjangoauth.LigoShibbolethAuthBackend',
# 'django.contrib.auth.backends.ModelBackend',
+ 'guardian.backends.ObjectPermissionBackend',
)
+ANONYMOUS_USER_ID = -1
+GUARDIAN_RENDER_403 = True
+
SHIB_AUTHENTICATION_SESSION_INITIATOR = 'https://moe.phys.uwm.edu/Shibboleth.sso/Login'
# If these are left at default, when the Shibboleth middleware
@@ -227,6 +231,7 @@ INSTALLED_APPS = (
'ligoauth',
'rest_framework',
'south',
+ 'guardian',
)
REST_FRAMEWORK = {
@@ -244,6 +249,11 @@ STATICFILES_FINDERS = (
STATICFILES_DIRS = ()
+# Added in order to perform data migrations on the auth app
+SOUTH_MIGRATION_MODULES = {
+ 'auth' : 'migrations.auth',
+}
+
# XXX The following Log settings are for a performance metric.
import logging
LOG_ROOT = '/home/gracedb/logs'
diff --git a/templates/403.html b/templates/403.html
new file mode 100644
index 0000000000000000000000000000000000000000..cb14e96e8b36efab9eb3e367b98568ad0906ae54
--- /dev/null
+++ b/templates/403.html
@@ -0,0 +1,9 @@
+{% extends "base.html" %}
+
+{% block title %}403 – Forbidden{% endblock %}
+{% block heading %}Forbidden {{ object.graceid }}{% endblock %}
+
+{% block content %}
+ <p>You do not have the required permissions for the requested action.</p>
+ {{ message|safe }}
+{% endblock %}