From 9a3a1cf60b8042e08b22dcf9f64ffe6883c9b5fb Mon Sep 17 00:00:00 2001
From: Aroy-Art <Aroy-Art@pm.me>
Date: Fri, 3 Jan 2025 22:42:02 +0100
Subject: [PATCH] Add admin only permission for api

---
 archivist/apps/api/permissions.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/archivist/apps/api/permissions.py b/archivist/apps/api/permissions.py
index bc52a72..0ebdc6b 100644
--- a/archivist/apps/api/permissions.py
+++ b/archivist/apps/api/permissions.py
@@ -1,6 +1,15 @@
 # permissions.py
+from rest_framework import permissions
+
 
 def check_admin(user):
     """check for admin permission for restricted views"""
     return user.is_staff or user.groups.filter(name="admin").exists()
 
+
+class AdminOnly(permissions.BasePermission):
+    """allow only admin"""
+
+    def has_permission(self, request, view):
+        return check_admin(request.user)
+