diff --git a/graphql_api/tests/test_repository.py b/graphql_api/tests/test_repository.py index 260203d0a5..5d1aac5659 100644 --- a/graphql_api/tests/test_repository.py +++ b/graphql_api/tests/test_repository.py @@ -728,6 +728,41 @@ def test_repo_upload_token_not_available_config_setting_owner_not_admin(self): assert data["owner"]["repository"]["uploadToken"] == TOKEN_UNAVAILABLE + @override_settings(HIDE_ALL_CODECOV_TOKENS=True) + def test_repo_upload_token_not_available_config_setting_owner_is_anonymous(self): + owner = OwnerFactory(service="gitlab") + + repo = RepositoryFactory( + author=owner, + author__service="gitlab", + service_id=12345, + active=True, + private=False, + ) + + query = """ + query { + owner(username: "%s") { + repository(name: "%s") { + ... on Repository { + uploadToken + } + } + } + } + """ % ( + owner.username, + repo.name, + ) + + data = self.gql_request( + query, + variables={"name": repo.name}, + provider="gitlab", + ) + + assert data["owner"]["repository"]["uploadToken"] == TOKEN_UNAVAILABLE + @override_settings(HIDE_ALL_CODECOV_TOKENS=True) def test_repo_upload_token_not_available_config_setting_owner_is_admin(self): owner = OwnerFactory(service="gitlab") diff --git a/graphql_api/types/owner/owner.py b/graphql_api/types/owner/owner.py index 8d18dabafb..40fa259771 100644 --- a/graphql_api/types/owner/owner.py +++ b/graphql_api/types/owner/owner.py @@ -210,10 +210,7 @@ def resolve_org_upload_token( should_hide_tokens = settings.HIDE_ALL_CODECOV_TOKENS current_owner = info.context["request"].current_owner command = info.context["executor"].get_command("owner") - if not current_owner: - is_owner_admin = False - else: - is_owner_admin = current_owner.is_admin(owner) + is_owner_admin = current_owner.is_admin(owner) if should_hide_tokens and not is_owner_admin: return TOKEN_UNAVAILABLE