From ce666e23dce82dad6a69a6c2d9d4ab7c7ddb09eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micka=C3=ABl=20Desfr=C3=AAnes?=
 <mickael.desfrenes@unicaen.fr>
Date: Thu, 12 Dec 2024 08:15:18 +0100
Subject: [PATCH] return clean 403 in iiif view

---
 pount/apps/iiif/views.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pount/apps/iiif/views.py b/pount/apps/iiif/views.py
index e0ec212b..00c98a41 100644
--- a/pount/apps/iiif/views.py
+++ b/pount/apps/iiif/views.py
@@ -2,7 +2,7 @@ from os import environ
 
 from django.conf import settings
 from django.contrib.auth import get_user_model
-from django.core.exceptions import PermissionDenied
+from django.http.response import HttpResponseForbidden
 from django.shortcuts import get_object_or_404
 from rest_framework_simplejwt.authentication import JWTAuthentication
 from rest_framework_simplejwt.exceptions import InvalidToken
@@ -68,5 +68,5 @@ class IIIFProxyView(ProxyView):
                 if user.has_perm(ITEM_VIEW, file.item):
                     return super().dispatch(request, *args, **kwargs)
         except InvalidToken:
-            pass  # should renew ?
-        raise PermissionDenied()
+            pass
+        return HttpResponseForbidden()
-- 
GitLab