From 774e59c10306f7a4e5dab6c1c78294dd6300ef1a Mon Sep 17 00:00:00 2001
From: Pranshu Aggarwal <70687348+Pranshu1902@users.noreply.github.com>
Date: Tue, 3 Oct 2023 14:12:32 +0530
Subject: [PATCH] Add an endpoint to delete project (#337)

* add delete endpoint

* only allow admins
---
 ayushma/views/project.py | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/ayushma/views/project.py b/ayushma/views/project.py
index 8818b8a8..52e68f6f 100644
--- a/ayushma/views/project.py
+++ b/ayushma/views/project.py
@@ -2,7 +2,12 @@
 from django_filters.rest_framework import DjangoFilterBackend
 from drf_spectacular.utils import extend_schema, extend_schema_view
 from rest_framework import filters
-from rest_framework.mixins import CreateModelMixin, ListModelMixin, RetrieveModelMixin
+from rest_framework.mixins import (
+    CreateModelMixin,
+    DestroyModelMixin,
+    ListModelMixin,
+    RetrieveModelMixin,
+)
 from rest_framework.permissions import IsAdminUser, IsAuthenticated
 from rest_framework.response import Response
 
@@ -18,6 +23,7 @@ class ProjectViewSet(
     ListModelMixin,
     RetrieveModelMixin,
     CreateModelMixin,
+    DestroyModelMixin,
 ):
     queryset = Project.objects.all()
     filter_backends = (filters.SearchFilter, DjangoFilterBackend)
@@ -31,6 +37,14 @@ class ProjectViewSet(
     }
     lookup_field = "external_id"
 
+    def destroy(self, request, *args, **kwargs):
+        if self.request.user.is_staff:
+            return super().destroy(request, *args, **kwargs)
+        return Response(
+            {"non_field_errors": "You do not have permission to delete this project"},
+            status=400,
+        )
+
     def get_serializer_class(self):
         if self.request.user.is_staff:
             return ProjectUpdateSerializer