Fix api permissions

hypha/apply/api/v1/permissions.py

@@ -20,19 +20,26 @@ class IsApplyStaffUser(permissions.BasePermission):
 
 class IsFinance1User(permissions.BasePermission):
     def has_permission(self, request, view):
-        invoice = view.get_invoice_object()
-        return request.user.is_finance_level_1 and invoice.can_user_edit_deliverables(request.user)
+        return request.user.is_finance_level_1
 
     def has_object_permission(self, request, view, obj):
-        invoice = view.get_invoice_object()
-        return request.user.is_finance_level_1 and invoice.can_user_edit_deliverables(request.user)
-
+        return request.user.is_finance_level_1
 
 class IsFinance2User(permissions.BasePermission):
     def has_permission(self, request, view):
-        invoice = view.get_invoice_object()
-        return request.user.is_finance_level_2 and invoice.can_user_edit_deliverables(request.user)
+        return request.user.is_finance_level_2
 
     def has_object_permission(self, request, view, obj):
+        return request.user.is_finance_level_2
+
+
+class HasDeliverableEditPermission(permissions.BasePermission):
+    def has_permission(self, request, view):
         invoice = view.get_invoice_object()
-        return request.user.is_finance_level_2 and invoice.can_user_edit_deliverables(request.user)
+        return invoice.can_user_edit_deliverables(request.user)
+
+
+class HasRequiredChecksPermission(permissions.BasePermission):
+    def has_permission(self, request, view):
+        invoice = view.get_object()
+        return invoice.can_user_complete_required_checks(request.user)

hypha/apply/api/v1/projects/views.py

@@ -9,7 +9,11 @@ from hypha.apply.projects.models.payment import Invoice, InvoiceDeliverable
 from hypha.apply.projects.models.project import Deliverable
 
 from ..mixin import InvoiceNestedMixin, ProjectNestedMixin
-from ..permissions import IsApplyStaffUser, IsFinance1User, IsFinance2User
+from ..permissions import (
+    IsApplyStaffUser, IsFinance1User, IsFinance2User,
+    HasDeliverableEditPermission, HasRequiredChecksPermission
+)
+
 from .serializers import (
     DeliverableSerializer,
     InvoiceDeliverableListSerializer,
@@ -25,7 +29,8 @@ class DeliverableViewSet(
     viewsets.GenericViewSet
 ):
     permission_classes = (
-        permissions.IsAuthenticated, IsApplyStaffUser | IsFinance1User | IsFinance2User
+        permissions.IsAuthenticated, HasDeliverableEditPermission,
+        IsApplyStaffUser | IsFinance1User | IsFinance2User
     )
     serializer_class = InvoiceDeliverableListSerializer
     pagination_class = None
@@ -81,12 +86,9 @@ class InvoiceRequiredChecksViewSet(
     viewsets.GenericViewSet,
 ):
     serializer_class = InvoiceRequiredChecksSerializer
-    permission_classes = [IsFinance1User]
+    permission_classes = [IsFinance1User, HasRequiredChecksPermission]
     queryset = Invoice.objects.all()
 
-    def get_invoice_object(self):
-        return self.get_object()
-
     @action(detail=True, methods=['post'])
     def set_required_checks(self, request, *args, **kwargs):
         serializer = self.get_serializer(data=request.data)