diff --git a/explorer/tests/test_views.py b/explorer/tests/test_views.py index 20299ca7..fc863de4 100644 --- a/explorer/tests/test_views.py +++ b/explorer/tests/test_views.py @@ -836,28 +836,17 @@ def test_email_calls_task(self, mocked_execute): self.client.post( url, data={"email": "foo@bar.com"}, - **{"HTTP_X_REQUESTED_WITH": "XMLHttpRequest"} ) self.assertEqual(mocked_execute.delay.call_count, 1) - def test_email_403(self): + def test_no_email(self): query = SimpleQueryFactory() url = reverse("email_csv_query", kwargs={"query_id": query.id}) response = self.client.post( url, data={}, - **{"HTTP_X_REQUESTED_WITH": "XMLHttpRequest"} ) - self.assertEqual(response.status_code, 403) - - def test_email_no_xml_403(self): - query = SimpleQueryFactory() - url = reverse("email_csv_query", kwargs={"query_id": query.id}) - response = self.client.post( - url, - data={}, - ) - self.assertEqual(response.status_code, 403) + self.assertEqual(response.status_code, 400) class TestQueryFavorites(TestCase): diff --git a/explorer/views/email.py b/explorer/views/email.py index 3d8c4812..71ce0081 100644 --- a/explorer/views/email.py +++ b/explorer/views/email.py @@ -10,11 +10,13 @@ class EmailCsvQueryView(PermissionRequiredMixin, View): permission_required = "view_permission" def post(self, request, query_id, *args, **kwargs): - if request.headers.get("x-requested-with") == "XMLHttpRequest": - email = request.POST.get("email", None) - if email: - execute_query.delay(query_id, email) - return JsonResponse( - {"message": "message was sent successfully"} - ) - return JsonResponse({}, status=403) + email = request.POST.get("email", None) + if not email: + return JsonResponse( + {"error": "email is required"}, + status=400, + ) + + execute_query.delay(query_id, email) + + return JsonResponse({"message": "message was sent successfully"})