Add tests for handling anon users for token GQL resolvers (#932)

Author: rohitvinnakota-codecov

graphql_api/tests/test_repository.py

@@ -728,6 +728,41 @@ def test_repo_upload_token_not_available_config_setting_owner_not_admin(self):
 
         assert data["owner"]["repository"]["uploadToken"] == TOKEN_UNAVAILABLE
 
+    @override_settings(HIDE_ALL_CODECOV_TOKENS=True)
+    def test_repo_upload_token_not_available_config_setting_owner_is_anonymous(self):
+        owner = OwnerFactory(service="gitlab")
+
+        repo = RepositoryFactory(
+            author=owner,
+            author__service="gitlab",
+            service_id=12345,
+            active=True,
+            private=False,
+        )
+
+        query = """
+            query {
+                owner(username: "%s") {
+                    repository(name: "%s") {
+                        ... on Repository {
+                            uploadToken
+                        }
+                    }
+                }
+            }
+        """ % (
+            owner.username,
+            repo.name,
+        )
+
+        data = self.gql_request(
+            query,
+            variables={"name": repo.name},
+            provider="gitlab",
+        )
+
+        assert data["owner"]["repository"]["uploadToken"] == TOKEN_UNAVAILABLE
+
     @override_settings(HIDE_ALL_CODECOV_TOKENS=True)
     def test_repo_upload_token_not_available_config_setting_owner_is_admin(self):
         owner = OwnerFactory(service="gitlab")

graphql_api/types/owner/owner.py

@@ -210,10 +210,7 @@ def resolve_org_upload_token(
     should_hide_tokens = settings.HIDE_ALL_CODECOV_TOKENS
     current_owner = info.context["request"].current_owner
     command = info.context["executor"].get_command("owner")
-    if not current_owner:
-        is_owner_admin = False
-    else:
-        is_owner_admin = current_owner.is_admin(owner)
+    is_owner_admin = current_owner.is_admin(owner)
     if should_hide_tokens and not is_owner_admin:
         return TOKEN_UNAVAILABLE