Add Unauthorized exception.

This should start to see more use as I continue to build up the user
profile features.

etiquette/exceptions.py

@@ -151,6 +151,9 @@ class UsernameTooShort(InvalidUsername):
 class DisplayNameTooLong(EtiquetteException):
     error_message = 'Display name "{display_name}" is longer than maximum of {max_length}.'
 
+class Unauthorized(EtiquetteException):
+    error_message = 'You\'re not allowed to do that.'
+
 class WrongLogin(EtiquetteException):
     error_message = 'Wrong username-password combination.'
 

frontends/etiquette_flask/backend/endpoints/user_endpoints.py

@@ -38,11 +38,12 @@ def get_user_id_redirect(user_id):
 @site.route('/user/<username>/edit', methods=['POST'])
 def post_user_edit(username):
     session = session_manager.get(request)
+
     if not session:
-        return jsonify.make_json_response({}, status=403)
+        return jsonify.make_json_response(etiquette.exceptions.Unauthorized().jsonify(), status=403)
     user = common.P_user(username, response_type='json')
     if session.user != user:
-        return jsonify.make_json_response({}, status=403)
+        return jsonify.make_json_response(etiquette.exceptions.Unauthorized().jsonify(), status=403)
 
     display_name = request.form.get('display_name')
     if display_name is not None:

frontends/etiquette_flask/templates/user.html

@@ -103,7 +103,7 @@ function profile_ed_on_save(ed)
         }
         if ("error_type" in response.data)
         {
-            ed.show_error(response.data.error_message);
+            ed.show_error(`${response.data.error_type} ${response.data.error_message}`);
             return;
         }