From e2997a66520794274a649564ec2195c5cc283fb5 Mon Sep 17 00:00:00 2001
From: Raffu Khondaker <2022rkhondak@tjhsst.edu>
Date: Sun, 7 Jun 2020 01:11:33 -0400
Subject: [PATCH] permissions

---
 Website/api/views.py          | 9 +++++++--
 Website/skoolsite/settings.py | 5 ++++-
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/Website/api/views.py b/Website/api/views.py
index c5f7b70..f02ade8 100644
--- a/Website/api/views.py
+++ b/Website/api/views.py
@@ -17,6 +17,8 @@ class TeacherViewSet(viewsets.ModelViewSet):
     """
     queryset = Teacher.objects.all()
     serializer_class = TeacherSerializer
+    permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
+
 
 class ClassesViewSet(viewsets.ModelViewSet):
     """
@@ -24,11 +26,14 @@ class ClassesViewSet(viewsets.ModelViewSet):
     """
     queryset = Classes.objects.all()
     serializer_class = ClassesSerializer
+    permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
+
 
 class AssignmentViewSet(viewsets.ModelViewSet):
     """
     API endpoint that allows users to be viewed or edited.
     """
-    permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
+    permissions_classes = [permissions.IsAdminUser]
     queryset = Assignment.objects.all()
-    serializer_class = AssignmentSerializer
\ No newline at end of file
+    serializer_class = AssignmentSerializer
+    permissions_classes = [permissions.IsAuthenticatedOrReadOnly]
diff --git a/Website/skoolsite/settings.py b/Website/skoolsite/settings.py
index 82549f8..b5bda98 100644
--- a/Website/skoolsite/settings.py
+++ b/Website/skoolsite/settings.py
@@ -44,7 +44,10 @@ INSTALLED_APPS = [
 
 REST_FRAMEWORK = {
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
-    'PAGE_SIZE': 10
+    'PAGE_SIZE': 10,
+    'DEFAULT_PERMISSION_CLASSES': [
+    'rest_framework.permissions.IsAuthenticated',
+    ]
 }
 
 MIDDLEWARE = [