# Test update

* fixes bug for sharing via token where permission was too tight
2025-10-21 19:37:34 +02:00 · 2025-10-21 19:37:34 +02:00 · fe2ac3d97d
commit fe2ac3d97d
parent 554ade6794
2 changed files with 3 additions and 2 deletions
--- a/konova/tests/test_views.py
+++ b/konova/tests/test_views.py
@ -543,7 +543,7 @@ class BaseViewTestCase(BaseTestCase):
        for url, redirect_to in urls.items():
            response = client.get(url, follow=True)
            # Expect redirects to the landing page
-            self.assertEqual(response.redirect_chain[0], (redirect_to, 302), msg=f"Failed for {url}")
+            self.assertEqual(response.redirect_chain[0], (redirect_to, 302), msg=f"Failed for {url}. Expected {redirect_to}")

    def assert_url_fail(self, client: Client, urls: list):
        """ Assert for all given urls a direct 302 response
--- a/konova/views/share.py
+++ b/konova/views/share.py
@ -61,7 +61,8 @@ class AbstractShareByTokenView(LoginRequiredMixin, BaseView):
            return redirect("home")

    def _user_has_permission(self, user):
-        return user.is_default_user()
+        # No permissions are needed to get shared access via token
+        return True

    def _user_has_shared_access(self, user, **kwargs):
        # The user does not need to have shared access to call the endpoint which gives them shared access