From d0520dbaf4b488798d42382a6f62b694be4b50dc Mon Sep 17 00:00:00 2001
From: Vignesh Hari <vichuhari100@gmail.com>
Date: Fri, 24 Jul 2020 18:51:38 +0530
Subject: [PATCH] Fixed Users API Permission Levels

---
 care/users/api/viewsets/users.py | 33 ++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)

diff --git a/care/users/api/viewsets/users.py b/care/users/api/viewsets/users.py
index 580136dcc6..bb7e3aaf53 100644
--- a/care/users/api/viewsets/users.py
+++ b/care/users/api/viewsets/users.py
@@ -21,20 +21,25 @@ class UserViewSet(
     queryset = User.objects.all().select_related("local_body", "district", "state")
     lookup_field = "username"
 
-    def get_permissions(self):
-        return [
-            DRYPermissions(),
-            IsAuthenticated(),
-        ]
-        # if self.request.method == "POST":
-        #     return [
-        #         DRYPermissions(),
-        #     ]
-        # else:
-        #     return [
-        #         IsAuthenticated(),
-        #         DRYPermissions(),
-        #     ]
+    permission_classes = (
+        IsAuthenticated,
+        DRYPermissions,
+    )
+
+    # def get_permissions(self):
+    #     return [
+    #         DRYPermissions(),
+    #         IsAuthenticated(),
+    #     ]
+    # if self.request.method == "POST":
+    #     return [
+    #         DRYPermissions(),
+    #     ]
+    # else:
+    #     return [
+    #         IsAuthenticated(),
+    #         DRYPermissions(),
+    #     ]
 
     def get_serializer_class(self):
         if self.action == "list" and not self.request.user.is_superuser: