From 6ec8e9cd247df333bb38e9e132d3d23b72bea883 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20K=C3=BCnsem=C3=B6ller?=
 <jkuensem@physik.uni-bielefeld.de>
Date: Wed, 21 Dec 2022 22:59:03 +0100
Subject: [PATCH] TMSS-2229: Fix separate issue with creating a fresh
 scheduling set as shared support

---
 .../src/tmss/tmssapp/viewsets/permissions.py       | 14 ++++++++------
 .../src/tmss/tmssapp/viewsets/specification.py     |  9 ++++++---
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/permissions.py b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/permissions.py
index 845fb9466ff..cc544080d45 100644
--- a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/permissions.py
+++ b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/permissions.py
@@ -169,18 +169,20 @@ class IsProjectMember(drf_permissions.DjangoObjectPermissions):
             else:
                 raise AttributeError(f'The model {view.serializer_class.Meta.model} requires an attribute "project" or "path_to_project" to check project permissions.')
             for attr in attrs:
+                obj_resolved_in_this_iteration = False
                 if not obj:
                     # on first iteration, the referenced object needs to be resolved from POSTed FQDN
                     obj_ref = request.data[attr]
                     path = urllib.parse.urlparse(obj_ref).path
                     resolved_func, _, resolved_kwargs = resolve(path)
                     obj = resolved_func.cls().get_queryset().get(pk=resolved_kwargs['pk'])
-                else:
-                    if attr == 'project':
-                        # has_object_permission checks the project from obj, so we can just check project permission on
-                        # something that has the correct project attribute
-                        p=self.has_object_permission(request, view, obj)
-                        return p
+                    obj_resolved_in_this_iteration = True
+                if attr == 'project':
+                    # has_object_permission checks the project from obj, so we can just check project permission on
+                    # something that has the correct project attribute
+                    p = self.has_object_permission(request, view, obj)
+                    return p
+                if not obj_resolved_in_this_iteration:
                     obj = getattr(obj, attr)
 
         pk = view.kwargs.get('pk', None)
diff --git a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
index 58da64724b5..ac8f96c2788 100644
--- a/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
+++ b/SAS/TMSS/backend/src/tmss/tmssapp/viewsets/specification.py
@@ -422,9 +422,12 @@ class ProjectViewSet(LOFARViewSet):
         queryset = models.Project.objects.all()
 
         # query by cycle
-        cycle = self.request.query_params.get('cycle', None)
-        if cycle is not None:
-            return queryset.filter(cycles__name=cycle)
+        try:
+            cycle = self.request.query_params.get('cycle', None)
+            if cycle is not None:
+                return queryset.filter(cycles__name=cycle)
+        except AttributeError:
+            pass
 
         return queryset
 
-- 
GitLab