Merge pull request #3360 from vkWeb/fix/admin-access

fix(admin): custom admin permission class

Author: rtibbles

contentcuration/contentcuration/viewsets/channel.py

@@ -20,9 +20,7 @@
 from rest_framework import serializers
 from rest_framework.decorators import action
 from rest_framework.exceptions import ValidationError
-from rest_framework.pagination import PageNumberPagination
 from rest_framework.permissions import AllowAny
-from rest_framework.permissions import IsAdminUser
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.serializers import CharField
@@ -52,6 +50,7 @@
 from contentcuration.viewsets.common import UUIDInFilter
 from contentcuration.viewsets.sync.constants import CHANNEL
 from contentcuration.viewsets.sync.utils import generate_update_event
+from contentcuration.viewsets.user import IsAdminUser
 
 
 class ChannelListPagination(ValuesViewsetPageNumberPagination):

contentcuration/contentcuration/viewsets/user.py

@@ -16,7 +16,7 @@
 from django_filters.rest_framework import FilterSet
 from rest_framework.decorators import action
 from rest_framework.exceptions import ValidationError
-from rest_framework.permissions import IsAdminUser
+from rest_framework.permissions import BasePermission
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 
@@ -39,6 +39,18 @@
 from contentcuration.viewsets.sync.constants import VIEWER_M2M
 
 
+class IsAdminUser(BasePermission):
+    """
+    Our custom permission to check admin authorization.
+    """
+
+    def has_permission(self, request, view):
+        try:
+            return request.user and request.user.is_admin
+        except AttributeError:
+            return False
+
+
 class UserListPagination(ValuesViewsetPageNumberPagination):
     page_size = None
     page_size_query_param = "page_size"