Finish hotfix/current_user

Cannot connect with non-admin user OMT-281
openimis · Nov 15, 2021 · 31a32e1 · 31a32e1
2 parents e2877a1 + 2dd3c4d
commit 31a32e1
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/core/views.py b/core/views.py
@@ -1,13 +1,17 @@
 from rest_framework import viewsets
 from rest_framework.decorators import action
 from rest_framework.response import Response
+from rest_framework.permissions import IsAuthenticated
 from .models import User
 from .serializers import UserSerializer
 
 
 class UserViewSet(viewsets.ModelViewSet):
     queryset = User.objects.all()
     serializer_class = UserSerializer
+    # If we don't specify the IsAuthenticated, the framework will look for the core.user_view permission and prevent
+    # any access from non-admin users
+    permission_classes = [IsAuthenticated]
 
     @action(detail=False)
     def current_user(self, request):