From dcbc8e66fb146f543c1ec16d46d93b64f195c2c2 Mon Sep 17 00:00:00 2001
From: Anders Kaseorg <anders@zulip.com>
Date: Tue, 23 Jun 2020 18:22:41 -0700
Subject: [PATCH] decorator: Remove authenticated_json_post_view.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It’s effectively a combination of require_post with
authenticated_json_view and has one use.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
---
 docs/tutorials/writing-views.md |  5 ++---
 zerver/decorator.py             | 17 +++--------------
 zerver/views/streams.py         |  6 ++++--
 3 files changed, 9 insertions(+), 19 deletions(-)

diff --git a/docs/tutorials/writing-views.md b/docs/tutorials/writing-views.md
index 7a67bf0be4..54673f643a 100644
--- a/docs/tutorials/writing-views.md
+++ b/docs/tutorials/writing-views.md
@@ -324,9 +324,8 @@ preferable from a security perspective, and it is generally a good idea
 to make your feature available to other clients, especially the mobile
 clients.
 
-These endpoints make use of some older authentication decorators,
-`authenticated_json_api_view`, `authenticated_json_post_view`, and
-`authenticated_json_view`, so you may see them in the code.
+These endpoints make use the older authentication decorator
+`authenticated_json_view`, so you may see it in the code.
 
 ## Incoming webhook integrations
 
diff --git a/zerver/decorator.py b/zerver/decorator.py
index 701f85c38a..8f90017b37 100644
--- a/zerver/decorator.py
+++ b/zerver/decorator.py
@@ -672,20 +672,9 @@ def authenticate_log_and_execute_json(request: HttpRequest,
                    query=view_func.__name__)
     return limited_view_func(request, user_profile, *args, **kwargs)
 
-# Checks if the request is a POST request and that the user is logged
-# in.  If not, return an error (the @login_required behavior of
-# redirecting to a login page doesn't make sense for json views)
-def authenticated_json_post_view(
-    view_func: Callable[..., HttpResponse],
-) -> Callable[..., HttpResponse]:
-    @require_post
-    @has_request_variables
-    @wraps(view_func)
-    def _wrapped_view_func(request: HttpRequest,
-                           *args: Any, **kwargs: Any) -> HttpResponse:
-        return authenticate_log_and_execute_json(request, view_func, *args, **kwargs)
-    return _wrapped_view_func
-
+# Checks if the user is logged in.  If not, return an error (the
+# @login_required behavior of redirecting to a login page doesn't make
+# sense for json views)
 def authenticated_json_view(
     view_func: Callable[..., HttpResponse],
     skip_rate_limiting: bool = False,
diff --git a/zerver/views/streams.py b/zerver/views/streams.py
index 86b427de26..b68f6c48bd 100644
--- a/zerver/views/streams.py
+++ b/zerver/views/streams.py
@@ -22,8 +22,9 @@ from django.utils.translation import override as override_language
 from django.utils.translation import ugettext as _
 
 from zerver.decorator import (
-    authenticated_json_post_view,
+    authenticated_json_view,
     require_non_guest_user,
+    require_post,
     require_realm_admin,
 )
 from zerver.lib.actions import (
@@ -643,7 +644,8 @@ def delete_in_topic(request: HttpRequest, user_profile: UserProfile,
 
     return json_success()
 
-@authenticated_json_post_view
+@require_post
+@authenticated_json_view
 @has_request_variables
 def json_stream_exists(request: HttpRequest, user_profile: UserProfile, stream_name: str=REQ("stream"),
                        autosubscribe: bool=REQ(validator=check_bool, default=False)) -> HttpResponse: