diff --git a/pagure/api/fork.py b/pagure/api/fork.py index 3cb7311..6fe6569 100644 --- a/pagure/api/fork.py +++ b/pagure/api/fork.py @@ -24,7 +24,7 @@ import pagure.lib.tasks from pagure.api import (API, api_method, api_login_required, APIERROR, get_authorized_api_project, get_request_data) from pagure.config import config as pagure_config -from pagure.utils import is_repo_committer, is_true +from pagure.utils import authenticated, is_repo_committer, is_true _log = logging.getLogger(__name__) @@ -852,7 +852,7 @@ def api_subscribe_pull_request( raise pagure.exceptions.APIError( 404, error_code=APIERROR.EPULLREQUESTSDISABLED) - if flask.g.token and flask.g.token.project \ + if not authenticated() and flask.g.token and flask.g.token.project \ and repo != flask.g.token.project: raise pagure.exceptions.APIError( 401, error_code=APIERROR.EINVALIDTOK) diff --git a/tests/test_pagure_flask_api_fork.py b/tests/test_pagure_flask_api_fork.py index 1442f29..f552382 100644 --- a/tests/test_pagure_flask_api_fork.py +++ b/tests/test_pagure_flask_api_fork.py @@ -1006,11 +1006,11 @@ class PagureFlaskApiForktests(tests.Modeltests): # Valid token, wrong project output = self.app.post( '/api/0/test2/pull-request/1/subscribe', headers=headers) - self.assertEqual(output.status_code, 401) + self.assertEqual(output.status_code, 404) data = json.loads(output.get_data(as_text=True)) - self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.name, + self.assertEqual(pagure.api.APIERROR.ENOREQ.name, data['error_code']) - self.assertEqual(pagure.api.APIERROR.EINVALIDTOK.value, data['error']) + self.assertEqual(pagure.api.APIERROR.ENOREQ.value, data['error']) # No input output = self.app.post(