removed double checks

backend/project/endpoints/projects/project_detail.py

@@ -12,7 +12,7 @@
 from project.models.project import Project
 from project.utils.query_agent import query_by_id_from_model, delete_by_id_from_model, \
     patch_by_id_from_model
-from project.utils.authentication import login_required, authorize_teacher_or_project_admin, authorize_teacher_of_project, authorize_project_visible
+from project.utils.authentication import authorize_teacher_or_project_admin, authorize_teacher_of_project, authorize_project_visible
 
 
 API_URL = getenv('API_HOST')
@@ -25,7 +25,6 @@ class ProjectDetail(Resource):
     for implementing get, delete and put methods
     """
 
-    @login_required
     @authorize_project_visible
     def get(self, project_id):
         """
@@ -40,7 +39,6 @@ def get(self, project_id):
             project_id,
             RESPONSE_URL)
 
-    @login_required
     @authorize_teacher_or_project_admin
     def patch(self, project_id):
         """
@@ -56,7 +54,6 @@ def patch(self, project_id):
             request.json
         )
 
-    @login_required
     @authorize_teacher_of_project
     def delete(self, project_id):
         """

backend/project/endpoints/projects/projects.py

@@ -11,7 +11,7 @@
 
 from project.models.project import Project
 from project.utils.query_agent import query_selected_from_model, insert_into_model
-from project.utils.authentication import login_required, authorize_teacher
+from project.utils.authentication import authorize_teacher
 
 from project.endpoints.projects.endpoint_parser import parse_project_params
 
@@ -25,7 +25,6 @@ class ProjectsEndpoint(Resource):
     for implementing get method
     """
 
-    @login_required
     @authorize_teacher
     def get(self):
         """
@@ -42,7 +41,6 @@ def get(self):
             filters=request.args
         )
 
-    @login_required
     @authorize_teacher
     def post(self):
         """

backend/project/endpoints/users.py

@@ -8,7 +8,7 @@
 
 from project import db
 from project.models.user import User as userModel
-from project.utils.authentication import login_required, authorize_teacher, authorize_user, not_allowed
+from project.utils.authentication import login_required, authorize_user, not_allowed
 
 users_bp = Blueprint("users", __name__)
 users_api = Api(users_bp)
@@ -45,8 +45,7 @@ def get(self):
             return {"message": "An error occurred while fetching the users",
                     "url": f"{API_URL}/users"}, 500
 
-    @login_required
-    @authorize_teacher
+    @not_allowed
     def post(self):
         """
         This function will respond to post requests made to /users.
@@ -137,8 +136,7 @@ def patch(self, user_id):
                     "url": f"{API_URL}/users"}, 500
 
 
-    @login_required
-    @authorize_user # TODO users mogen enkel zichzelf verwijderen
+    @authorize_user
     def delete(self, user_id):
         """
         This function will respond to DELETE requests made to /users/<user_id>.

backend/project/utils/authentication.py

@@ -423,4 +423,4 @@ def wrap(*args, **kwargs):
         if is_teacher_of_course(auth_user_id, course_id) or is_admin_of_course(auth_user_id, course_id):
             return f(*args, **kwargs)
         abort_with_message(403, "")
-    return wrap
+    return wrap