TODO: fix create contract related endpoints

core/apps/companies/permissions/folders.py

@@ -1,12 +1,20 @@
-from rest_framework import permissions
+from rest_framework import permissions  # type: ignore
+from rest_framework.request import HttpRequest  # type: ignore
+from rest_framework.views import APIView  # type: ignore
+from core.apps.companies.models import CompanyFolderModel
 
 
-class CompanyfolderPermission(permissions.BasePermission):
+class IsFolderOwner(permissions.IsAuthenticated):
 
-    def __init__(self) -> None: ...
-
-    def __call__(self, *args, **kwargs):
-        return self
-
-    def has_permission(self, request, view):
-        return True
+    def has_object_permission(  # type: ignore
+            self, 
+            request: HttpRequest, 
+            view: APIView, 
+            obj: CompanyFolderModel
+        ) -> bool:
+        return CompanyFolderModel.objects.filter(
+            company__accounts__user=request.user,
+            id=obj.id
+        ).exists()
+        
+