Registration for user with no apcd groups (#435)

TACC · Feb 27, 2025 · 6ea7601 · 6ea7601
1 parent 5966440
commit 6ea7601
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/apcd_cms/src/apps/base/base.py b/apcd_cms/src/apps/base/base.py
@@ -19,6 +19,14 @@ def dispatch(self, request, *args, **kwargs):
                 status=500)
 
 
+class AuthenticatedUserTemplateMixin:
+    """ API Mixin to restrict access to authenticated users only. """
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.is_authenticated:
+            return HttpResponseRedirect('/')
+        return super().dispatch(request, *args, **kwargs)
+
 class APCDAdminAccessTemplateMixin:
     """ API Mixin to restrict access to authenticated APCD admins only. """
 
@@ -46,6 +54,14 @@ def dispatch(self, request, *args, **kwargs):
         return super().dispatch(request, *args, **kwargs)
 
 
+class AuthenticatedUserAPIMixin:
+    """ API Mixin to restrict access to authenticated users."""
+
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.is_authenticated:
+            return JsonResponse({'error': 'Unauthorized'}, status=403)
+        return super().dispatch(request, *args, **kwargs)
+
 class APCDAdminAccessAPIMixin:
     """ API Mixin to restrict access to authenticated APCD admins only. """
 

diff --git a/apcd_cms/src/apps/registrations/views.py b/apcd_cms/src/apps/registrations/views.py
@@ -6,7 +6,7 @@
 from django.conf import settings
 from django.http import JsonResponse
 from django.views.generic import TemplateView
-from apps.base.base import BaseAPIView, APCDGroupAccessTemplateMixin, APCDGroupAccessAPIMixin
+from apps.base.base import BaseAPIView, AuthenticatedUserTemplateMixin, AuthenticatedUserAPIMixin
 from requests.auth import HTTPBasicAuth
 import logging
 import rt
@@ -20,11 +20,11 @@
 RT_QUEUE = getattr(settings, 'RT_QUEUE', '')
 
 
-class RegistrationFormTemplate(APCDGroupAccessTemplateMixin, TemplateView):
+class RegistrationFormTemplate(AuthenticatedUserTemplateMixin, TemplateView):
     template_name = 'registration_form.html'
 
 
-class RegistrationFormApi(APCDGroupAccessAPIMixin, BaseAPIView):
+class RegistrationFormApi(AuthenticatedUserAPIMixin, BaseAPIView):
 
     def get(self, request):
         formatted_reg_data = []
@@ -44,6 +44,8 @@ def get(self, request):
         if (request.user.is_authenticated and has_apcd_group(request.user)):
             context = {'registration_data': formatted_reg_data, 'renew': renew}
             return JsonResponse({'response': context})
+        else: 
+            return JsonResponse({'error': 'Unauthorized'}, status=403)
 
     def post(self, request):
         form = json.loads(request.body)