[change] Set perms_map attribute

ManishShah120 · ManishShah120 · commit 2fe5487e2798 · 2021-05-27T16:12:31.000+05:30
diff --git a/openwisp_users/api/permissions.py b/openwisp_users/api/permissions.py
@@ -1,5 +1,3 @@
-import copy
-
 from django.utils.translation import gettext_lazy as _
 from rest_framework.permissions import BasePermission, DjangoModelPermissions
 from swapper import load_model
@@ -71,9 +69,15 @@ def validate_membership(self, user, org):
 
 
 class ViewDjangoModelPermissions(DjangoModelPermissions):
-    def __init__(self):
-        self.perms_map = copy.deepcopy(self.perms_map)
-        self.perms_map['GET'] = ['%(app_label)s.view_%(model_name)s']
+    perms_map = {
+        'GET': ['%(app_label)s.view_%(model_name)s'],
+        'OPTIONS': [],
+        'HEAD': ['%(app_label)s.view_%(model_name)s'],
+        'POST': ['%(app_label)s.add_%(model_name)s'],
+        'PUT': ['%(app_label)s.change_%(model_name)s'],
+        'PATCH': ['%(app_label)s.change_%(model_name)s'],
+        'DELETE': ['%(app_label)s.delete_%(model_name)s'],
+    }
 
     def has_permission(self, request, view):
         # Workaround to ensure DjangoModelPermissions are not applied
diff --git a/tests/testapp/views.py b/tests/testapp/views.py
@@ -171,7 +171,7 @@ def get_queryset(self):
         return shelf.book_set.all()
 
 
-class TemplateListCreateView(ListCreateAPIView):
+class TemplateListCreateView(FilterByOrganizationManaged, ListCreateAPIView):
     serializer_class = TemplateSerializer
     authentication_classes = (BearerAuthentication,)
     permission_classes = (
