You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2021/09/28 21:36:36 UTC
[airavata-django-portal] branch develop updated: AIRAVATA-3517
Include IsAuthenticated is required permissions for IAMUserViewSet and
UnverifiedEmailUserViewSet
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git
The following commit(s) were added to refs/heads/develop by this push:
new a5e61bf AIRAVATA-3517 Include IsAuthenticated is required permissions for IAMUserViewSet and UnverifiedEmailUserViewSet
a5e61bf is described below
commit a5e61bfd09c333ac069e0208bbc37febb077065b
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Sep 28 17:36:18 2021 -0400
AIRAVATA-3517 Include IsAuthenticated is required permissions for IAMUserViewSet and UnverifiedEmailUserViewSet
---
django_airavata/apps/api/views.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/django_airavata/apps/api/views.py b/django_airavata/apps/api/views.py
index 0bcc714..8e5c5a5 100644
--- a/django_airavata/apps/api/views.py
+++ b/django_airavata/apps/api/views.py
@@ -35,6 +35,7 @@ from django.views.decorators.gzip import gzip_page
from rest_framework import mixins, pagination, status
from rest_framework.decorators import action, api_view
from rest_framework.exceptions import ParseError
+from rest_framework.permissions import IsAuthenticated
from rest_framework.renderers import JSONRenderer
from rest_framework.response import Response
from rest_framework.views import APIView
@@ -1725,7 +1726,7 @@ class IAMUserViewSet(mixins.RetrieveModelMixin,
GenericAPIBackedViewSet):
serializer_class = serializers.IAMUserProfile
pagination_class = APIResultPagination
- permission_classes = (IsInAdminsGroupPermission,)
+ permission_classes = (IsAuthenticated, IsInAdminsGroupPermission,)
lookup_field = 'user_id'
def get_list(self):
@@ -1850,7 +1851,7 @@ class UnverifiedEmailUserViewSet(mixins.ListModelMixin,
GenericAPIBackedViewSet):
serializer_class = serializers.UnverifiedEmailUserProfile
pagination_class = APIResultPagination
- permission_classes = (IsInAdminsGroupPermission,)
+ permission_classes = (IsAuthenticated, IsInAdminsGroupPermission,)
lookup_field = 'user_id'
def get_list(self):