From e4aaadc9c424953990c3e09ba7373bd5cc8874a1 Mon Sep 17 00:00:00 2001
From: Privateco <github@privateco.net>
Date: Wed, 3 Apr 2024 18:08:11 +0200
Subject: [PATCH] Fixes authentication on get_object_or_error

This commit makes authentication required to access objects with `get_object_or_error`.

Previously, authentication was checked only... if object was not found
---
 taiga/base/api/utils/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/taiga/base/api/utils/__init__.py b/taiga/base/api/utils/__init__.py
index d4b27697..70ef8136 100644
--- a/taiga/base/api/utils/__init__.py
+++ b/taiga/base/api/utils/__init__.py
@@ -55,9 +55,9 @@ def get_object_or_error(queryset, user, *filter_args, **filter_kwargs):
     (if the user is not logged in).
 
     """
+    if not user.is_authenticated:
+        raise NotAuthenticated
     try:
         return _get_object_or_404(queryset, *filter_args, **filter_kwargs)
     except (Http404, TypeError, ValueError):
-        if not user.is_authenticated:
-            raise NotAuthenticated
         raise Http404