Qrtr/qrtr-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add manual account override for when unauthenticated users call the auth endpoint.

Browse Source
This commit is contained in:
DJ Gillespie 2024-03-05 14:27:20 -07:00
parent 6ec9065f8e
commit 0c98606234
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
connection/views.py
View File

@ -47,7 +47,7 @@ class ConnectionViewSet(viewsets.ModelViewSet):
else: else:
accounts = (Account.objects.filter(pk=account_id, owner=user) | accounts = (Account.objects.filter(pk=account_id, owner=user) |
Account.objects.filter(pk=account_id, Account.objects.filter(pk=account_id,
admin_users__in=[user])) admin_users__in=[user]))
if not accounts: if not accounts:
return Response( return Response(
status=status.HTTP_400_BAD_REQUEST, status=status.HTTP_400_BAD_REQUEST,
@ -98,9 +98,12 @@ class ConnectionViewSet(viewsets.ModelViewSet):
user = request.user user = request.user
# Filter out any accounts with the right id, but the given user # Filter out any accounts with the right id, but the given user
# is not an owner or admin on that account. # is not an owner or admin on that account.
accounts = (Account.objects.filter(pk=account_id, owner=user) | if request.user.is_anonymous():
Account.objects.filter(pk=account_id, accounts = (Account.objects.filter(pk=1))
admin_users__in=[user])) else:
accounts = (Account.objects.filter(pk=account_id, owner=user) |
Account.objects.filter(pk=account_id,
admin_users__in=[user]))
if not accounts: if not accounts:
return Response( return Response(
status=status.HTTP_400_BAD_REQUEST, status=status.HTTP_400_BAD_REQUEST,