From 8048fccedeb4a473ffb8a461799f665568705904 Mon Sep 17 00:00:00 2001 From: Dariusz Niemczyk Date: Sun, 23 Jul 2023 17:31:37 +0200 Subject: [PATCH] Make paths publically available due to beyondspace --- storage/apiviews.py | 4 ++++ storage/views.py | 4 ---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/storage/apiviews.py b/storage/apiviews.py index b7fb54d..bce6f3f 100644 --- a/storage/apiviews.py +++ b/storage/apiviews.py @@ -1,6 +1,7 @@ from rest_framework import viewsets, filters from rest_framework.response import Response from rest_framework.decorators import action +from rest_framework.permissions import AllowAny from storage.authentication import LanAuthentication from storage.models import Item, Label @@ -81,6 +82,9 @@ class ItemViewSet(viewsets.ModelViewSet): @action( detail=True, methods=["post"], + # AllowAny is correct here, as we require LanAuthentication anyways + permission_classes=[AllowAny], + authentication_classes=[LanAuthentication], ) def print(self, request, pk): return api_print(request.query_params.get("quantity", 1), self.get_object()) diff --git a/storage/views.py b/storage/views.py index 4fd1fbc..433be9c 100644 --- a/storage/views.py +++ b/storage/views.py @@ -58,7 +58,6 @@ def apply_smart_search(query, objects): return objects -@login_required def index(request): # get_roots was removed, so we're doing it this way now. return render( @@ -66,7 +65,6 @@ def index(request): ) -@login_required def search(request): query = request.GET.get("q", "") @@ -85,7 +83,6 @@ def search(request): ) -@login_required def item_display(request, pk): if not pk: return index(request) @@ -125,7 +122,6 @@ def label_lookup(request, pk): raise Http404("Very sad to say, I could not find this thing") -@login_required def apitoken(request): print(Token) token, created = Token.objects.get_or_create(user=request.user)