fixup! feat: check authz permissions for course tagging

wgu-taylor-payne · wgu-taylor-payne · commit 5c93291637fa · 2026-04-24T14:41:36.000-06:00
diff --git a/openedx/core/djangoapps/content_tagging/auth.py b/openedx/core/djangoapps/content_tagging/auth.py
@@ -5,7 +5,6 @@
 
 from opaque_keys import InvalidKeyError
 from opaque_keys.edx.keys import CourseKey
-from opaque_keys.edx.locator import LibraryLocatorV2
 from openedx_authz import api as authz_api
 from openedx_authz.constants.permissions import COURSES_EXPORT_TAGS
 from openedx_tagging import rules as oel_tagging_rules
@@ -52,17 +51,17 @@ def should_use_authz_for_object(object_id) -> tuple[bool, CourseKey | None]:
     - should_use_authz: True if authz should be used, False otherwise
     - course_key: The CourseKey if object is a course, None otherwise
     """
-    # Extract context_key and ensure it is a course_key
+    # Extract context_key and ensure it is a CourseKey (not a LibraryLocatorV2, etc.)
     try:
         context_key = get_context_key_from_key_string(object_id)
-        if not isinstance(context_key, CourseKey) or isinstance(context_key, LibraryLocatorV2):
+        if not isinstance(context_key, CourseKey):
             return False, None
     except (ValueError, AttributeError):
         return False, None
 
     # Check if toggle is active
     if not core_toggles.enable_authz_course_authoring(context_key):
-        return False, context_key
+        return False, None
 
     # Authz should be used for this course object
     return True, context_key
diff --git a/openedx/core/djangoapps/content_tagging/rest_api/v1/tests/test_views.py b/openedx/core/djangoapps/content_tagging/rest_api/v1/tests/test_views.py
@@ -2165,7 +2165,7 @@ def setUp(self):
         )
         TaxonomyOrg.objects.create(
             taxonomy=self.taxonomy,
-            org=None, # Global taxonomy not tied to any org
+            org=None,  # Global taxonomy not tied to any org
             rel_type=TaxonomyOrg.RelType.OWNER,
         )
 
@@ -2298,7 +2298,7 @@ def test_no_role_user_denied_view(self):
     def test_library_fallthrough_to_legacy(self):
         """Library object_id falls through to legacy permissions"""
         # Create organization for library
-        org, created = Organization.objects.get_or_create(short_name="TestOrg")
+        org, _ = Organization.objects.get_or_create(short_name="TestOrg")
 
         # Create library
         library = create_library(
