Merge pull request #1052 from maykinmedia/fix/2146-kvk-middleware-red…

…irects-all-requests

🐛 [#2146] Avoid KvK branch select redirects for media files

src/open_inwoner/kvk/middleware.py

@@ -1,5 +1,6 @@
 import logging
 
+from django.conf import settings
 from django.http import HttpResponseRedirect
 from django.urls import NoReverseMatch, reverse
 
@@ -24,6 +25,8 @@ def __call__(self, request):
             not user.is_authenticated
             or not user.is_eherkenning_user
             or kvk_branch_selected_done(request.session)
+            or request.path.startswith(settings.MEDIA_URL)
+            or request.path.startswith(settings.PRIVATE_MEDIA_URL)
         ):
             return self.get_response(request)
 

src/open_inwoner/kvk/tests/test_middleware.py

@@ -0,0 +1,32 @@
+from unittest.mock import patch
+
+from django.conf import settings
+from django.test import TestCase
+
+from open_inwoner.accounts.tests.factories import eHerkenningUserFactory
+from open_inwoner.kvk.tests.factories import CertificateFactory
+
+
+class KvKLoginMiddlewareTestCase(TestCase):
+    @patch("open_inwoner.kvk.client.KvKClient.get_all_company_branches")
+    @patch(
+        "open_inwoner.kvk.models.KvKConfig.get_solo",
+    )
+    def test_middleware_skip_redirect_for_media_files(self, mock_solo, mock_kvk):
+        mock_kvk.return_value = [
+            {"kvkNummer": "12345678"},
+            {"kvkNummer": "12345678", "vestigingsnummer": "1234"},
+        ]
+
+        mock_solo.return_value.api_key = "123"
+        mock_solo.return_value.api_root = "http://foo.bar/api/v1/"
+        mock_solo.return_value.client_certificate = CertificateFactory()
+        mock_solo.return_value.server_certificate = CertificateFactory()
+
+        user = eHerkenningUserFactory.create()
+
+        self.client.force_login(user=user)
+
+        response = self.client.get(f"{settings.MEDIA_URL}filer_public/some_image.png/")
+
+        self.assertEqual(response.status_code, 404)