From 9b81fcc775828d463b6d9074b00a8081ae9ef3a0 Mon Sep 17 00:00:00 2001 From: Xander Vertegaal Date: Thu, 14 May 2026 11:04:45 +0200 Subject: [PATCH 1/2] Remove unused problem list view --- backend/problem/views/problem.py | 14 ++------------ backend/problem/views/problem_test.py | 27 --------------------------- 2 files changed, 2 insertions(+), 39 deletions(-) diff --git a/backend/problem/views/problem.py b/backend/problem/views/problem.py index 7653d70..7d7122b 100644 --- a/backend/problem/views/problem.py +++ b/backend/problem/views/problem.py @@ -1,4 +1,5 @@ from rest_framework.decorators import action +from rest_framework.exceptions import MethodNotAllowed from rest_framework.request import Request from rest_framework.response import Response from rest_framework.viewsets import ModelViewSet @@ -51,18 +52,7 @@ def get_permissions(self): return [IsAuthenticatedOrReadOnly()] def list(self, request: Request) -> Response: - """ - Lists all Problems in the database, with optional filtering. - """ - filters = get_filters(request.query_params) - - qs = self.get_queryset() - - if filters is not None: - qs = qs.filter(filters) - - serializer = self.get_serializer(qs, many=True) - return Response(serializer.data, status=HTTP_200_OK) + raise MethodNotAllowed(request.method) @action(detail=False, methods=["get"], url_path="first") def first(self, request: Request) -> Response: diff --git a/backend/problem/views/problem_test.py b/backend/problem/views/problem_test.py index 678dac8..7c30d72 100644 --- a/backend/problem/views/problem_test.py +++ b/backend/problem/views/problem_test.py @@ -27,33 +27,6 @@ class TestProblemViewPermissions: Tests for problem view permissions as documented in the README. """ - # List / browse - - def test_unauthenticated_user_can_list_problems(self, client, sample_problem): - """Unauthenticated users should be able to browse problems (read-only).""" - response = client.get("/api/problem/") - assert response.status_code == status.HTTP_200_OK - - def test_visitor_can_list_problems(self, client, visitor, sample_problem): - """Visitors should be able to browse problems.""" - client.force_login(user=visitor) - response = client.get("/api/problem/") - assert response.status_code == status.HTTP_200_OK - - def test_annotator_can_list_problems(self, client, annotator, sample_problem): - """Annotators should be able to browse problems.""" - client.force_login(user=annotator) - response = client.get("/api/problem/") - assert response.status_code == status.HTTP_200_OK - - def test_master_annotator_can_list_problems( - self, client, master_annotator, sample_problem - ): - """Master annotators should be able to browse problems.""" - client.force_login(user=master_annotator) - response = client.get("/api/problem/") - assert response.status_code == status.HTTP_200_OK - # Retrieve / browse single def test_unauthenticated_user_can_retrieve_problem(self, client, sample_problem): From 1eabe9cdc800f68c56c1c51f74ece2d2cb041ded Mon Sep 17 00:00:00 2001 From: Xander Vertegaal Date: Thu, 14 May 2026 11:22:10 +0200 Subject: [PATCH 2/2] Replace 405 with 404 in problem list view resolver --- backend/problem/views/problem.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/problem/views/problem.py b/backend/problem/views/problem.py index 7d7122b..e27b871 100644 --- a/backend/problem/views/problem.py +++ b/backend/problem/views/problem.py @@ -1,5 +1,4 @@ from rest_framework.decorators import action -from rest_framework.exceptions import MethodNotAllowed from rest_framework.request import Request from rest_framework.response import Response from rest_framework.viewsets import ModelViewSet @@ -11,6 +10,7 @@ ) from rest_framework.permissions import IsAuthenticated, IsAuthenticatedOrReadOnly +from django.http import Http404 from django.shortcuts import get_object_or_404 from problem.problem_details import ( @@ -52,7 +52,7 @@ def get_permissions(self): return [IsAuthenticatedOrReadOnly()] def list(self, request: Request) -> Response: - raise MethodNotAllowed(request.method) + raise Http404 @action(detail=False, methods=["get"], url_path="first") def first(self, request: Request) -> Response: