manager: make agenda's groups foldable (#85616 )

2024-04-03 10:50:39 +02:00
2 changed files with 6 additions and 3 deletions
--- a/chrono/apps/user_preferences/api_views.py
+++ b/chrono/apps/user_preferences/api_views.py
@ -31,11 +31,9 @@ def save_preference(request):
    Given a JSON with a single boolean value identified by a str, save the
    key <-> value association in UserPreference
    '''
-    if not request.user:
+    if not request.user or not request.user.is_authenticated:
        raise PermissionDenied()
    user_pref = models.UserPreferences.objects.get_or_create(user=request.user)[0]
-    if not user_pref:
-        raise PermissionDenied()

    if len(request.body) > 1000:
        return HttpResponse(_('Payload is too large').encode(), status=400)
--- a/tests/api/test_user_preferences.py
+++ b/tests/api/test_user_preferences.py
@ -78,3 +78,8 @@ def test_user_preferences_api_large_payload(app, admin_user):
    url = reverse('api-user-preferences')
    app.post(url, params='a' * 1024, status=400)
    app.post_json(url, params={'b' * 1024: True}, status=400)
+
+
+def test_user_preferences_api_unauthorized(app):
+    url = reverse('api-user-preferences')
+    app.post(url, params={'toto': True}, status=403)