fix: simple jwt logout and permissions

7ba4ab25 · Ilham Maulana · e0da5b69 · 7ba4ab25
Commit 7ba4ab25 authored Jul 21, 2024 by Ilham Maulana 💻
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 11 deletions

views.py api/auth/views.py +1 -11

No files found.
--- a/api/auth/views.py
+++ b/api/auth/views.py
@@ -51,7 +51,7 @@ class LibrarianLoginHistoryViewSet(viewsets.ModelViewSet):


 class MemberViewSet(viewsets.ModelViewSet):
-    permission_classes = [IsStaffUser]
+    permission_classes = [IsNotStaffUser]
    queryset = Member.objects.all().order_by("created_at")
    serializer_class = MemberSerializer

@@ -63,16 +63,6 @@ class MemberViewSet(viewsets.ModelViewSet):
        "user__last_name",
    ]

-    def list(self, request):
-        if self.request.user.is_staff:
-            return Response(
-                {"message": "Access Denied"}, status=status.HTTP_406_NOT_ACCEPTABLE
-            )
-
-        queryset = self.filter_queryset(self.get_queryset())
-        serializer = self.get_serializer(queryset, many=True)
-        return Response(serializer.data)
-
    def update(self, request, pk):
        instance = self.get_object()
        serializer = self.get_serializer(instance, data=request.data, partial=True)