mirror of
https://github.com/Steffo99/sophon.git
synced 2024-12-22 14:54:22 +00:00
🐛 Properly return 401 in custom actions
This commit is contained in:
parent
363d1568b1
commit
154d187b11
1 changed files with 6 additions and 0 deletions
|
@ -262,6 +262,9 @@ class ResearchGroupViewSet(WriteSophonViewSet):
|
|||
"""
|
||||
group = models.ResearchGroup.objects.get(pk=pk)
|
||||
|
||||
if self.request.user.is_anonymous:
|
||||
return Response(status=s.HTTP_401_UNAUTHORIZED)
|
||||
|
||||
# Raise an error if the group doesn't allow member joins
|
||||
if group.access != "OPEN":
|
||||
return Response(status=s.HTTP_403_FORBIDDEN)
|
||||
|
@ -283,6 +286,9 @@ class ResearchGroupViewSet(WriteSophonViewSet):
|
|||
"""
|
||||
group = models.ResearchGroup.objects.get(pk=pk)
|
||||
|
||||
if self.request.user.is_anonymous:
|
||||
return Response(status=s.HTTP_401_UNAUTHORIZED)
|
||||
|
||||
# Raise an error if the user is the owner of the group
|
||||
if self.request.user == group.owner:
|
||||
return Response(status=s.HTTP_403_FORBIDDEN)
|
||||
|
|
Loading…
Reference in a new issue