CKAN version
>=2.7
Describe the bug
When a non-sysadmin user deletes a group or organization, they get a 403 Not Authorized error. The group/org gets actually deleted.
This is because after deleting the group/org we are calling group_show on the deleted entity:
|
group_dict = _action(u'group_show')(context, {u'id': id}) |
AFAICT we are not using this group_dict at all so it can be removed.
The tests in place didn't check the status code returned so that's why it slipped unnoticed.
CKAN version
>=2.7
Describe the bug
When a non-sysadmin user deletes a group or organization, they get a 403 Not Authorized error. The group/org gets actually deleted.
This is because after deleting the group/org we are calling
group_showon the deleted entity:ckan/ckan/views/group.py
Line 1039 in 170556a
AFAICT we are not using this
group_dictat all so it can be removed.The tests in place didn't check the status code returned so that's why it slipped unnoticed.