From 659bac68a053276edc75afb95196ee34ea724276 Mon Sep 17 00:00:00 2001 From: Michael Olund Date: Wed, 30 Sep 2020 09:58:47 -0700 Subject: [PATCH] Troubleshooting 403 errors with RetrieveUpdateDestroyAPIView that only happen on OpenShift #3 --- edivorce/apps/core/urls.py | 2 +- edivorce/apps/core/views/api.py | 8 +------- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/edivorce/apps/core/urls.py b/edivorce/apps/core/urls.py index 8a2b42b8..5d4f19ae 100644 --- a/edivorce/apps/core/urls.py +++ b/edivorce/apps/core/urls.py @@ -8,7 +8,7 @@ urlpatterns = [ url(r'^api/response$', api.UserResponseHandler.as_view()), url(r'^api/documents/$', api.DocumentCreateView.as_view(), name='documents'), # path('api/documents///', api.DocumentMetaDataView.as_view(), name='documents-meta'), - path('api/documents////', api.DocumentView.as_view(), name='document'), + path('api/documents/////', api.DocumentView.as_view(), name='document'), path('api/documents//', api.get_document_file_by_key, name='document_by_key'), # url(r'^login/headers$', system.headers), diff --git a/edivorce/apps/core/views/api.py b/edivorce/apps/core/views/api.py index 528e1598..4c46b077 100644 --- a/edivorce/apps/core/views/api.py +++ b/edivorce/apps/core/views/api.py @@ -72,18 +72,12 @@ class DocumentCreateView(CreateAPIView): class DocumentView(RetrieveUpdateDestroyAPIView): serializer_class = DocumentMetadataSerializer - # permission_classes = [permissions.IsAuthenticated] + permission_classes = [permissions.IsAuthenticated] def get_object(self): return Document.objects.get(bceid_user=self.request.user, **self.kwargs) def retrieve(self, request, *args, **kwargs): - if not self.request.user.is_authenticated: - s = 'Anonymous' - if hasattr(self.request.user, 'sm_user'): - s = self.request.user.sm_user - return Response(data="Your are not authenticated (" + s + ")", status=status.HTTP_403_FORBIDDEN) - """ Return the file instead of meta data """ document = self.get_object() content_type = Document.content_type_from_filename(document.filename)