Browse Source

Fix incorrect user check when the logged in user is not a valid researcher (like an Django admin)

master
Joshua Rubingh 6 months ago
parent
commit
92cb7d3b3c
  1. 5
      VRE/apps/researcher/views.py

5
VRE/apps/researcher/views.py

@ -1,6 +1,8 @@ @@ -1,6 +1,8 @@
from django.shortcuts import get_object_or_404
from django.utils.translation import gettext_lazy as _
from drf_yasg.utils import swagger_auto_schema
from rest_framework import viewsets
from rest_framework.exceptions import PermissionDenied
from rest_framework.response import Response
from .serializers import ResearcherSerializer, ResearcherDetailSerializer
@ -31,6 +33,9 @@ class Researchers(viewsets.ModelViewSet): @@ -31,6 +33,9 @@ class Researchers(viewsets.ModelViewSet):
@swagger_auto_schema(responses={200: ResearcherDetailSerializer(many=False)})
def me(self, request):
if not hasattr(request.user,'researcher'):
raise PermissionDenied(_('Illegal user'))
return Response(ResearcherDetailSerializer(request.user.researcher).data)
@swagger_auto_schema(request_body=ResearcherSerializer(many=False), responses={200: ResearcherDetailSerializer(many=False)})

Loading…
Cancel
Save