core/apps/accounts/permissions.py

@@ -11,7 +11,6 @@ class IsAdminRole(BasePermission):
 
         if request.user.role != RoleChoice.ADMIN or request.user.role != RoleChoice.SUPERUSER:
             raise PermissionDenied("Only admin can access this")
-
         return True
 
 

core/apps/evaluation/views/bonus.py

@@ -1,9 +1,9 @@
 from django_core.mixins import BaseViewSetMixin
 from drf_spectacular.utils import extend_schema
 from rest_framework import viewsets
-from rest_framework.permissions import IsAdminUser
 from rest_framework.viewsets import ModelViewSet
 
+from core.apps.accounts.permissions import IsAdminRole
 # core
 from core.apps.evaluation.models.bonus import BonusCategory, EmployeeBonus, BaseValueBonus
 from core.apps.evaluation.serializers.bonus.Bonus import BonusCategorySerializer, \
@@ -31,11 +31,11 @@ class BonusTypeView(BaseViewSetMixin, ModelViewSet):
     }
 
     action_permission_classes = {
-        'create': [IsAdminUser],
+        'create': [IsAdminRole],
-        'update': [IsAdminUser],
+        'update': [IsAdminRole],
-        'partial_update': [IsAdminUser],
+        'partial_update': [IsAdminRole],
-        'destroy': [IsAdminUser],
+        'destroy': [IsAdminRole],
-        'list': [IsAdminUser],
+        'list': [IsAdminRole],
     }
 
 @extend_schema(tags=["Bonus-Employee"])
@@ -52,9 +52,9 @@ class BonusEmployeeViewSet(BaseViewSetMixin, ModelViewSet):
     }
 
     action_permission_classes = {
-        'create': [IsAdminUser],
+        'create': [IsAdminRole],
-        'update': [IsAdminUser],
+        'update': [IsAdminRole],
-        'partial_update': [IsAdminUser],
+        'partial_update': [IsAdminRole],
-        'destroy': [IsAdminUser],
+        'destroy': [IsAdminRole],
-        'list': [IsAdminUser],
+        'list': [IsAdminRole],
     }