update permissions and views

bb1bf58a · Bodor Máté · 648738ab · bb1bf58a · bb1bf58a
Commit bb1bf58a authored 7 years ago by Bodor Máté
--- a/src/homework/permissions.py
+++ b/src/homework/permissions.py
@@ -30,8 +30,13 @@ class IsAuthenticatedOrReadOnly(BasePermission):

 class IsStaffOrReadOnlyForAuthenticated(BasePermission):

-    def has_object_permission(self, request, view, obj):
-        return (request.user.is_staff or
-                request.method in SAFE_METHODS and
-                request.user.is_authenticated
+    """
+    The request is authenticated as a staff, or is a read-only request for authenticated.
+    """
+
+    def has_object_permission(self, request, view):
+        return (
+            request.user.is_staff or
+            request.method in SAFE_METHODS and
+            request.user.is_authenticated
        )
--- a/src/homework/views.py
+++ b/src/homework/views.py
@@ -11,13 +11,13 @@ from rest_framework import status
 class TasksViewSet(viewsets.ModelViewSet):
    serializer_class = serializers.TaskSerializer
    queryset = models.Task.objects.all()
-    permission_classes = (permissions.IsStaffOrReadOnly, )
+    permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )


 class SolutionViewSet(viewsets.ModelViewSet):
    serializer_class = serializers.SolutionSerializer
    queryset = models.Solution.objects.all()
-    permission_classes = (permissions.SolutionPermission, )
+    permission_classes = (permissions.IsStaffOrReadOnlyForAuthenticated, )

    def create(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)