Make GET Consent Settings a public endpoint.

ethyca · Aug 22, 2023 · 25efb1c · 25efb1c
1 parent 0d2525b
commit 25efb1c
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 4 deletions.
diff --git a/src/fides/api/api/v1/endpoints/consent_settings_endpoints.py b/src/fides/api/api/v1/endpoints/consent_settings_endpoints.py
@@ -19,11 +19,10 @@
 
 @router.get(
     urls.CONSENT_SETTINGS,
-    dependencies=[Security(verify_oauth_client, scopes=[scopes.CONSENT_SETTINGS_READ])],
     response_model=ConsentSettingsResponseSchema,
 )
 def get_consent_settings(*, db: Session = Depends(deps.get_db)) -> ConsentSettings:
-    """Returns organization-wide consent settings."""
+    """Public endpoint that returns organization-wide consent settings."""
     logger.info("Getting organization-wide consent settings")
     return ConsentSettings.get_or_create_with_defaults(db)
 

diff --git a/tests/ops/api/v1/endpoints/test_consent_settings_endpoints.py b/tests/ops/api/v1/endpoints/test_consent_settings_endpoints.py
@@ -19,7 +19,7 @@ def url(self) -> str:
 
     def test_get_consent_settings_unauthenticated(self, api_client: TestClient, url):
         response = api_client.get(url, headers={})
-        assert 401 == response.status_code
+        assert 200 == response.status_code
 
     @pytest.mark.parametrize(
         "role,expected_status",
@@ -28,7 +28,7 @@ def test_get_consent_settings_unauthenticated(self, api_client: TestClient, url)
             ("contributor", HTTP_200_OK),
             ("viewer_and_approver", HTTP_200_OK),
             ("viewer", HTTP_200_OK),
-            ("approver", HTTP_403_FORBIDDEN),
+            ("approver", HTTP_200_OK),
         ],
     )
     def test_get_consent_settings_with_roles(