records: don't check permissions if recid=None

* Upload permissions not relevant if creating a new Sandbox record. * Fixes #735.
HEPData · Nov 29, 2023 · 25134e3 · 25134e3
1 parent 3dfb531
commit 25134e3
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/hepdata/modules/records/views.py b/hepdata/modules/records/views.py
@@ -804,7 +804,7 @@ def cli_upload():
     invitation_cookie = request.form['invitation_cookie'] if 'invitation_cookie' in request.form.keys() else None
 
     # Check the user has upload permissions for this record
-    if not has_upload_permissions(recid, user, is_sandbox):
+    if recid and not has_upload_permissions(recid, user, is_sandbox):
         return jsonify({
             "message": "Email {} does not correspond to a confirmed uploader for this record.".format(str(user_email))
         }), 403

diff --git a/hepdata/version.py b/hepdata/version.py
@@ -28,4 +28,4 @@
 and parsed by ``setup.py``.
 """
 
-__version__ = "0.9.4dev20231115"
+__version__ = "0.9.4dev20231129"