Add admin only permission for api

2025-01-03 22:42:02 +01:00 · 2025-01-03 22:42:02 +01:00 · 9a3a1cf60b
commit 9a3a1cf60b
parent 622cb351b7
1 changed files with 9 additions and 0 deletions
--- a/archivist/apps/api/permissions.py
+++ b/archivist/apps/api/permissions.py
@ -1,6 +1,15 @@
 # permissions.py
+from rest_framework import permissions
+

 def check_admin(user):
    """check for admin permission for restricted views"""
    return user.is_staff or user.groups.filter(name="admin").exists()

+
+class AdminOnly(permissions.BasePermission):
+    """allow only admin"""
+
+    def has_permission(self, request, view):
+        return check_admin(request.user)
+