config.add_route("search_json", "search.json")
config.add_view(search_json, route_name="search_json", renderer="jsonp")
+ # ADMIN ROUTES
+ config.add_forbidden_view(forbidden, renderer="forbidden.mako")
+
+ config.add_route("merge", "/merge")
+ config.add_view(route_name="merge", renderer="merge.mako", permission="admin")
+
return config.make_wsgi_app()
--- /dev/null
+<%inherit file="base.mako"/>
+<%namespace name="nav" file="nav.mako" />
+
+<%block name="navigation">
+${nav.nav('players')}
+</%block>
+
+<h1>403 Forbidden</h1>
+
+<h2>Sorry dudebro!</h2>
+<p>Access to this area is restricted. You should probably get back to the game. It's cooler anyway!</p>
--- /dev/null
+<%inherit file="base.mako"/>
+<%namespace name="nav" file="nav.mako" />
+
+<%block name="navigation">
+${nav.nav('players')}
+</%block>
+
+<h1>Player Merge</h1>
+
+<h2>Merge two players below. The destination player_id is on the right.</h2>
+<p>(the destination player_id is the one that lives on after the merge)</p>
from xonstat.views.main import main_index, top_players_by_time, top_servers_by_players
from xonstat.views.main import top_servers_by_players, top_maps_by_times_played
+
+from xonstat.views.admin import forbidden
--- /dev/null
+from pyramid.response import Response
+from pyramid.httpexceptions import HTTPForbidden
+
+def forbidden(request):
+ '''A simple forbidden view. Does nothing more than set the status and then
+ gets the heck out of dodge. The forbidden.mako template does the work.'''
+ request.response.status = 403
+ return {}