mirror of
https://github.com/Tivix/django-rest-auth.git
synced 2024-11-25 10:33:45 +03:00
Return 403 instead of 500 error for disconnect view
When a user only has a social account associated with them and they attempt to disconnect it, we should return a 403 error, not a 500 error.
This commit is contained in:
parent
a3057b7aa1
commit
e46ffd7341
|
@ -1,4 +1,5 @@
|
|||
from django.conf import settings
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.decorators import method_decorator
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.views.decorators.debug import sensitive_post_parameters
|
||||
|
@ -6,7 +7,8 @@ from django.views.decorators.debug import sensitive_post_parameters
|
|||
from rest_framework.views import APIView
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.permissions import (AllowAny,
|
||||
IsAuthenticated)
|
||||
IsAuthenticated,
|
||||
PermissionDenied)
|
||||
from rest_framework.generics import CreateAPIView, ListAPIView, GenericAPIView
|
||||
from rest_framework.exceptions import NotFound
|
||||
from rest_framework import status
|
||||
|
@ -174,7 +176,10 @@ class SocialAccountDisconnectView(GenericAPIView):
|
|||
if not account:
|
||||
raise NotFound
|
||||
|
||||
try:
|
||||
get_social_adapter(self.request).validate_disconnect(account, accounts)
|
||||
except ValidationError as e:
|
||||
raise PermissionDenied(detail=e.args[0])
|
||||
|
||||
account.delete()
|
||||
signals.social_account_removed.send(
|
||||
|
|
Loading…
Reference in New Issue
Block a user