From d5079d9ffc16c9729038116ae3d39ceef2e3dbf3 Mon Sep 17 00:00:00 2001
From: Ildar Iskhakov <Ildar.iskhakov@grafana.com>
Date: Wed, 22 Mar 2023 15:25:30 +0800
Subject: [PATCH] Add rbac to teams endpoint (#1592)

# What this PR does

## Which issue(s) this PR fixes

## Checklist

- [ ] Tests updated
- [ ] Documentation added
- [ ] `CHANGELOG.md` updated
---
 engine/apps/api/views/team.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/engine/apps/api/views/team.py b/engine/apps/api/views/team.py
index 84b84203..a7395483 100644
--- a/engine/apps/api/views/team.py
+++ b/engine/apps/api/views/team.py
@@ -2,6 +2,7 @@ from rest_framework import mixins, viewsets
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 
+from apps.api.permissions import RBACPermission
 from apps.api.serializers.team import TeamSerializer
 from apps.auth_token.auth import PluginAuthentication
 from apps.mobile_app.auth import MobileAppAuthTokenAuthentication
@@ -14,7 +15,12 @@ class TeamViewSet(PublicPrimaryKeyMixin, mixins.ListModelMixin, mixins.UpdateMod
         MobileAppAuthTokenAuthentication,
         PluginAuthentication,
     )
-    permission_classes = (IsAuthenticated,)
+    permission_classes = (IsAuthenticated, RBACPermission)
+    rbac_permissions = {
+        "list": [RBACPermission.Permissions.OTHER_SETTINGS_READ],
+        "retrieve": [RBACPermission.Permissions.OTHER_SETTINGS_READ],
+        "update": [RBACPermission.Permissions.OTHER_SETTINGS_WRITE],
+    }
 
     serializer_class = TeamSerializer