From 154d187b11a671176abd6ebd4eaa3efd7258689f Mon Sep 17 00:00:00 2001
From: Stefano Pigozzi <me@steffo.eu>
Date: Fri, 29 Oct 2021 01:15:20 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Properly=20return=20401=20in=20c?=
 =?UTF-8?q?ustom=20actions?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/sophon/core/views.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/backend/sophon/core/views.py b/backend/sophon/core/views.py
index 74e0648..9a20695 100644
--- a/backend/sophon/core/views.py
+++ b/backend/sophon/core/views.py
@@ -262,6 +262,9 @@ class ResearchGroupViewSet(WriteSophonViewSet):
         """
         group = models.ResearchGroup.objects.get(pk=pk)
 
+        if self.request.user.is_anonymous:
+            return Response(status=s.HTTP_401_UNAUTHORIZED)
+
         # Raise an error if the group doesn't allow member joins
         if group.access != "OPEN":
             return Response(status=s.HTTP_403_FORBIDDEN)
@@ -283,6 +286,9 @@ class ResearchGroupViewSet(WriteSophonViewSet):
         """
         group = models.ResearchGroup.objects.get(pk=pk)
 
+        if self.request.user.is_anonymous:
+            return Response(status=s.HTTP_401_UNAUTHORIZED)
+
         # Raise an error if the user is the owner of the group
         if self.request.user == group.owner:
             return Response(status=s.HTTP_403_FORBIDDEN)