Compare commits

...

1 Commits

Author SHA1 Message Date
sangeethailango 115c238681 fix: project member check on IntakeIssueViewset 2025-09-15 18:33:24 +05:30
+5 -5
View File
@@ -356,9 +356,9 @@ class IntakeIssueViewSet(BaseViewSet):
is_active=True,
)
# Only project members admins and created_by users can access this endpoint
if project_member.role <= 5 and str(intake_issue.created_by_id) != str(
request.user.id
):
if (project_member and project_member.role <= 5) and str(
intake_issue.created_by_id
) != str(request.user.id):
return Response(
{"error": "You cannot edit intake issues"},
status=status.HTTP_400_BAD_REQUEST,
@@ -392,7 +392,7 @@ class IntakeIssueViewSet(BaseViewSet):
),
).get(pk=intake_issue.issue_id, workspace__slug=slug, project_id=project_id)
# Only allow guests to edit name and description
if project_member.role <= 5:
if project_member and project_member.role <= 5:
issue_data = {
"name": issue_data.get("name", issue.name),
"description_html": issue_data.get(
@@ -437,7 +437,7 @@ class IntakeIssueViewSet(BaseViewSet):
)
# Only project admins and members can edit intake issue attributes
if project_member.role > 15:
if project_member and project_member.role > 15:
serializer = IntakeIssueSerializer(
intake_issue, data=request.data, partial=True
)