Skip to content
Snippets Groups Projects
Commit ce666e23 authored by Mickael Desfrenes's avatar Mickael Desfrenes
Browse files

return clean 403 in iiif view

parent 453d602e
Branches
No related merge requests found
Pipeline #307261 passed with stage
in 4 minutes and 31 seconds
...@@ -2,7 +2,7 @@ from os import environ ...@@ -2,7 +2,7 @@ from os import environ
from django.conf import settings from django.conf import settings
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from django.core.exceptions import PermissionDenied from django.http.response import HttpResponseForbidden
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from rest_framework_simplejwt.authentication import JWTAuthentication from rest_framework_simplejwt.authentication import JWTAuthentication
from rest_framework_simplejwt.exceptions import InvalidToken from rest_framework_simplejwt.exceptions import InvalidToken
...@@ -68,5 +68,5 @@ class IIIFProxyView(ProxyView): ...@@ -68,5 +68,5 @@ class IIIFProxyView(ProxyView):
if user.has_perm(ITEM_VIEW, file.item): if user.has_perm(ITEM_VIEW, file.item):
return super().dispatch(request, *args, **kwargs) return super().dispatch(request, *args, **kwargs)
except InvalidToken: except InvalidToken:
pass # should renew ? pass
raise PermissionDenied() return HttpResponseForbidden()
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment