From 77588f8a4782344d1e544fbe7d8566fbd2df9d8c Mon Sep 17 00:00:00 2001
From: Erwan Rouchet <rouchet@teklia.com>
Date: Wed, 8 Mar 2023 17:38:37 +0100
Subject: [PATCH] Properly handle a missing process

---
 arkindex/ponos/authentication.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/arkindex/ponos/authentication.py b/arkindex/ponos/authentication.py
index 152619cb67..58455c0b21 100644
--- a/arkindex/ponos/authentication.py
+++ b/arkindex/ponos/authentication.py
@@ -1,3 +1,4 @@
+from django.core.exceptions import ObjectDoesNotExist
 from drf_spectacular.authentication import TokenScheme
 from drf_spectacular.contrib.rest_framework_simplejwt import SimpleJWTScheme
 from rest_framework.authentication import TokenAuthentication
@@ -83,15 +84,20 @@ class TaskAuthentication(TokenAuthentication):
             # Same error message as the standard TokenAuthentication
             raise AuthenticationFailed('Invalid token.')
 
-        if not task.workflow.process:
+        # There is no Workflow.process_id, since the FK is on Process.workflow_id,
+        # and accessing Workflow.process when there is no process causes an exception
+        # instead of returning None.
+        try:
+            process = task.workflow.process
+        except ObjectDoesNotExist:
             raise AuthenticationFailed('Task has no process.')
 
-        user = task.workflow.process.creator
-        if not user or not user.is_active:
+        if not process.creator_id or not process.creator.is_active:
             # Same error message as the standard TokenAuthentication
             raise AuthenticationFailed('User inactive or deleted.')
 
-        return (user, task)
+        # Must return a 2-tuple that will be set as (self.request.user, self.request.auth)
+        return (process.creator, task)
 
 
 class TaskAuthenticationExtension(TokenScheme):
-- 
GitLab