You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airavata.apache.org by ma...@apache.org on 2021/09/28 21:36:36 UTC

[airavata-django-portal] branch develop updated: AIRAVATA-3517 Include IsAuthenticated is required permissions for IAMUserViewSet and UnverifiedEmailUserViewSet

This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata-django-portal.git


The following commit(s) were added to refs/heads/develop by this push:
     new a5e61bf  AIRAVATA-3517 Include IsAuthenticated is required permissions for IAMUserViewSet and UnverifiedEmailUserViewSet
a5e61bf is described below

commit a5e61bfd09c333ac069e0208bbc37febb077065b
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Tue Sep 28 17:36:18 2021 -0400

    AIRAVATA-3517 Include IsAuthenticated is required permissions for IAMUserViewSet and UnverifiedEmailUserViewSet
---
 django_airavata/apps/api/views.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/django_airavata/apps/api/views.py b/django_airavata/apps/api/views.py
index 0bcc714..8e5c5a5 100644
--- a/django_airavata/apps/api/views.py
+++ b/django_airavata/apps/api/views.py
@@ -35,6 +35,7 @@ from django.views.decorators.gzip import gzip_page
 from rest_framework import mixins, pagination, status
 from rest_framework.decorators import action, api_view
 from rest_framework.exceptions import ParseError
+from rest_framework.permissions import IsAuthenticated
 from rest_framework.renderers import JSONRenderer
 from rest_framework.response import Response
 from rest_framework.views import APIView
@@ -1725,7 +1726,7 @@ class IAMUserViewSet(mixins.RetrieveModelMixin,
                      GenericAPIBackedViewSet):
     serializer_class = serializers.IAMUserProfile
     pagination_class = APIResultPagination
-    permission_classes = (IsInAdminsGroupPermission,)
+    permission_classes = (IsAuthenticated, IsInAdminsGroupPermission,)
     lookup_field = 'user_id'
 
     def get_list(self):
@@ -1850,7 +1851,7 @@ class UnverifiedEmailUserViewSet(mixins.ListModelMixin,
                                  GenericAPIBackedViewSet):
     serializer_class = serializers.UnverifiedEmailUserProfile
     pagination_class = APIResultPagination
-    permission_classes = (IsInAdminsGroupPermission,)
+    permission_classes = (IsAuthenticated, IsInAdminsGroupPermission,)
     lookup_field = 'user_id'
 
     def get_list(self):