From 46a86b6c451a398e5338c412595888678c2754f4 Mon Sep 17 00:00:00 2001
From: Samuel Gaist <samuel.gaist@idiap.ch>
Date: Fri, 24 Apr 2020 10:38:59 +0200
Subject: [PATCH] [databases][api] Move from custom permission mixins to use
 permissions

---
 beat/web/databases/api.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/beat/web/databases/api.py b/beat/web/databases/api.py
index ec93a01ee..b076cb2ec 100755
--- a/beat/web/databases/api.py
+++ b/beat/web/databases/api.py
@@ -30,7 +30,7 @@ import json
 import logging
 
 from rest_framework.response import Response
-from rest_framework import permissions
+from rest_framework import permissions as drf_permissions
 from rest_framework import exceptions as drf_exceptions
 from rest_framework import views
 
@@ -40,7 +40,7 @@ from .models import DatabaseSetTemplate
 from .serializers import DatabaseSerializer, DatabaseCreationSerializer
 
 from ..common import is_true
-from ..common.mixins import IsAdminOrReadOnlyMixin
+from ..common import permissions as beat_permissions
 from ..common.api import ListCreateBaseView
 from ..common.utils import ensure_html
 
@@ -117,7 +117,7 @@ def clean_paths(declaration):
 # ----------------------------------------------------------
 
 
-class ListCreateDatabasesView(IsAdminOrReadOnlyMixin, ListCreateBaseView):
+class ListCreateDatabasesView(ListCreateBaseView):
     """
     Read/Write end point that list the database available
     to a user and allows the creation of new databases only to
@@ -125,6 +125,7 @@ class ListCreateDatabasesView(IsAdminOrReadOnlyMixin, ListCreateBaseView):
     """
 
     model = Database
+    permission_classes = [beat_permissions.IsAdminOrReadOnly]
     serializer_class = DatabaseSerializer
     writing_serializer_class = DatabaseCreationSerializer
     namespace = "api_databases"
@@ -159,7 +160,7 @@ class ListTemplatesView(views.APIView):
     List all templates available
     """
 
-    permission_classes = [permissions.AllowAny]
+    permission_classes = [drf_permissions.AllowAny]
 
     def get(self, request):
         result = {}
@@ -209,7 +210,7 @@ class RetrieveDatabaseView(views.APIView):
     """
 
     model = Database
-    permission_classes = [permissions.AllowAny]
+    permission_classes = [drf_permissions.AllowAny]
 
     def get_object(self):
         version = self.kwargs["version"]
-- 
GitLab