From 9cf814f1d4cfd748c816f96ac0060674a8b5c098 Mon Sep 17 00:00:00 2001
From: Damien Garros <dgarros@gmail.com>
Date: Sat, 16 Nov 2024 17:46:01 +0100
Subject: [PATCH] Anonymous user will get a 401 response when trying to load a
 schema

---
 backend/infrahub/api/dependencies.py | 2 +-
 changelog/+anonymous.fixed.md        | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 changelog/+anonymous.fixed.md

diff --git a/backend/infrahub/api/dependencies.py b/backend/infrahub/api/dependencies.py
index cb58029c39..bb415d9443 100644
--- a/backend/infrahub/api/dependencies.py
+++ b/backend/infrahub/api/dependencies.py
@@ -118,7 +118,7 @@ async def get_current_user(
     if config.SETTINGS.main.allow_anonymous_access and request.method.lower() in ["get", "options"]:
         return account_session
 
-    if request.method.lower() == "post" and account_session.read_only:
+    if request.method.lower() == "post" and account_session.read_only and account_session.authenticated:
         raise PermissionDeniedError("You are not allowed to perform this operation")
 
     raise AuthorizationError("Authentication is required")
diff --git a/changelog/+anonymous.fixed.md b/changelog/+anonymous.fixed.md
new file mode 100644
index 0000000000..65e0f6918d
--- /dev/null
+++ b/changelog/+anonymous.fixed.md
@@ -0,0 +1 @@
+Anonymous user will get a 401 response when trying to load a schema
\ No newline at end of file