Allow unauthenticated users to view group details

webkom · Jul 14, 2023 · f88af40 · f88af40
1 parent 2826e4c
commit f88af40
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/lego/apps/users/permissions.py b/lego/apps/users/permissions.py
@@ -36,6 +36,7 @@ def has_perm(
 
 class AbakusGroupPermissionHandler(PermissionHandler):
     permission_map = {LIST: [], VIEW: []}  # type: ignore
+    authentication_map = {LIST: False, VIEW: False}
 
     force_object_permission_check = True
     default_keyword_permission = "/sudo/admin/groups/{perm}/"
@@ -51,6 +52,7 @@ def has_perm(
     ):
         if perm == "delete":
             return False
+
         has_perm = super().has_perm(
             user, perm, obj, queryset, check_keyword_permissions, **kwargs
         )

diff --git a/lego/apps/users/tests/test_abakusgroup_api.py b/lego/apps/users/tests/test_abakusgroup_api.py
@@ -62,7 +62,7 @@ def successful_list(self, user):
 
     def test_without_auth(self):
         response = self.client.get(_get_list_url())
-        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
 
     def test_with_auth(self):
         self.successful_list(self.user)
@@ -94,7 +94,7 @@ def successful_retrieve(self, user, pk):
 
     def test_without_auth(self):
         response = self.client.get(_get_detail_url(1))
-        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
 
     def test_with_permission(self):
         self.successful_retrieve(self.with_permission, self.test_group.pk)