From b6df5f427c14e2252c7d308963998b6356276467 Mon Sep 17 00:00:00 2001
From: Jon <jnation@lco.global>
Date: Fri, 26 Jul 2024 00:05:17 +0000
Subject: [PATCH] Changed api permissions to be authenticated instead of admin.
 Only internal authenticated users can access downtimedb anyway since it is
 not externally accessible on the web

---
 downtime/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/downtime/settings.py b/downtime/settings.py
index 2b0a0fd..e28bbf7 100644
--- a/downtime/settings.py
+++ b/downtime/settings.py
@@ -122,7 +122,7 @@
         'ocs_authentication.backends.OCSTokenAuthentication',  # Allows authentication against Oauth Servers api_token
         'rest_framework.authentication.SessionAuthentication',
     ),
-    'DEFAULT_PERMISSION_CLASSES': ('ocs_authentication.permissions.IsAdminOrReadOnly',),
+    'DEFAULT_PERMISSION_CLASSES': ('rest_framework.permissions.IsAuthenticatedOrReadOnly',),
     'DEFAULT_FILTER_BACKENDS': ('django_filters.rest_framework.DjangoFilterBackend',),
     'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.NamespaceVersioning',
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.LimitOffsetPagination',