anon users are now allowed in admin endpoints

2023-06-13 11:44:58 -04:00 · 2023-06-13 11:44:58 -04:00 · b525f09487
commit b525f09487
parent 404393859b
2 changed files with 5 additions and 5 deletions
--- a/sachet/server/admin/views.py
+++ b/sachet/server/admin/views.py
@ -9,17 +9,17 @@ admin_blueprint = Blueprint("admin_blueprint", __name__)


 class ServerSettingsAPI(ModelAPI):
-    @auth_required(required_permissions=(Permissions.ADMIN,))
+    @auth_required(required_permissions=(Permissions.ADMIN,), allow_anonymous=True)
    def get(self, auth_user=None):
        settings = get_settings()
        return super().get(settings)

-    @auth_required(required_permissions=(Permissions.ADMIN,))
+    @auth_required(required_permissions=(Permissions.ADMIN,), allow_anonymous=True)
    def patch(self, auth_user=None):
        settings = get_settings()
        return super().patch(settings)

-    @auth_required(required_permissions=(Permissions.ADMIN,))
+    @auth_required(required_permissions=(Permissions.ADMIN,), allow_anonymous=True)
    def put(self, auth_user=None):
        settings = get_settings()
        return super().put(settings)
--- a/sachet/server/users/views.py
+++ b/sachet/server/users/views.py
@ -197,12 +197,12 @@ users_blueprint.add_url_rule(


 class UserListAPI(ModelListAPI):
-    @auth_required(required_permissions=(Permissions.ADMIN,))
+    @auth_required(required_permissions=(Permissions.ADMIN,), allow_anonymous=True)
    def post(self, auth_user=None):
        data = request.get_json()
        return super().post(User, data)

-    @auth_required(required_permissions=(Permissions.ADMIN,))
+    @auth_required(required_permissions=(Permissions.ADMIN,), allow_anonymous=True)
    def get(self, auth_user=None):
        return super().get(User)