diff --git a/core/apps/accounts/permissions.py b/core/apps/accounts/permissions.py index b1cf674..a69e73f 100644 --- a/core/apps/accounts/permissions.py +++ b/core/apps/accounts/permissions.py @@ -11,7 +11,6 @@ class IsAdminRole(BasePermission): if request.user.role != RoleChoice.ADMIN or request.user.role != RoleChoice.SUPERUSER: raise PermissionDenied("Only admin can access this") - return True diff --git a/core/apps/evaluation/views/bonus.py b/core/apps/evaluation/views/bonus.py index 6ab94dd..e763028 100644 --- a/core/apps/evaluation/views/bonus.py +++ b/core/apps/evaluation/views/bonus.py @@ -1,9 +1,9 @@ from django_core.mixins import BaseViewSetMixin from drf_spectacular.utils import extend_schema from rest_framework import viewsets -from rest_framework.permissions import IsAdminUser from rest_framework.viewsets import ModelViewSet +from core.apps.accounts.permissions import IsAdminRole # core from core.apps.evaluation.models.bonus import BonusCategory, EmployeeBonus, BaseValueBonus from core.apps.evaluation.serializers.bonus.Bonus import BonusCategorySerializer, \ @@ -31,11 +31,11 @@ class BonusTypeView(BaseViewSetMixin, ModelViewSet): } action_permission_classes = { - 'create': [IsAdminUser], - 'update': [IsAdminUser], - 'partial_update': [IsAdminUser], - 'destroy': [IsAdminUser], - 'list': [IsAdminUser], + 'create': [IsAdminRole], + 'update': [IsAdminRole], + 'partial_update': [IsAdminRole], + 'destroy': [IsAdminRole], + 'list': [IsAdminRole], } @extend_schema(tags=["Bonus-Employee"]) @@ -52,9 +52,9 @@ class BonusEmployeeViewSet(BaseViewSetMixin, ModelViewSet): } action_permission_classes = { - 'create': [IsAdminUser], - 'update': [IsAdminUser], - 'partial_update': [IsAdminUser], - 'destroy': [IsAdminUser], - 'list': [IsAdminUser], + 'create': [IsAdminRole], + 'update': [IsAdminRole], + 'partial_update': [IsAdminRole], + 'destroy': [IsAdminRole], + 'list': [IsAdminRole], }