fix: cover the case that no user is required, and is marked 'True'

arches/app/search/components/advanced_search.py

@@ -34,7 +34,7 @@ def append_dsl(self, search_results_object, permitted_nodegroups, include_provis
             for key, val in advanced_filter.items():
                 if key != "op":
                     node = models.Node.objects.get(pk=key)
-                    if self.user.has_perm("read_nodegroup", node.nodegroup):
+                    if self.user is True or self.user.has_perm("read_nodegroup", node.nodegroup):
                         datatype = datatype_factory.get_instance(node.datatype)
                         try:
                             val["val"] = "" if val["val"] == None else val["val"]
@@ -83,7 +83,7 @@ def view_data(self):
         # only allow cards that the user has permission to read
         searchable_cards = []
         for card in resource_cards:
-            if self.user.has_perm("read_nodegroup", card.nodegroup):
+            if self.user is True or self.user.has_perm("read_nodegroup", card.nodegroup):
                 searchable_cards.append(card)
 
         ret["graphs"] = resource_graphs

arches/app/search/components/search_results.py

@@ -90,7 +90,7 @@ def post_search_hook(self, search_results_object, results, permitted_nodegroups)
 def get_nodegroups_by_datatype_and_perm(user, datatype, permission):
     nodes = []
     for node in models.Node.objects.filter(datatype=datatype):
-        if user.has_perm(permission, node.nodegroup):
+        if user is True or user.has_perm(permission, node.nodegroup):
             nodes.append(str(node.nodegroup_id))
     return nodes