From 2784e3227688e288a4cc724ac4523587e2db4430 Mon Sep 17 00:00:00 2001
From: Laurent <laurent@staxriver.com>
Date: Wed, 12 Jun 2024 17:52:40 +0200
Subject: [PATCH] Better permission definition

---
 api/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/views.py b/api/views.py
index ea9f611..2e14092 100644
--- a/api/views.py
+++ b/api/views.py
@@ -33,7 +33,7 @@ class UserViewSet(viewsets.ModelViewSet):
 class ClubViewSet(viewsets.ModelViewSet):
     queryset = Club.objects.all()
     serializer_class = ClubSerializer
-    permission_classes = [IsClubOwner] # Clubs are public whereas the other requests are only for logged users
+    permission_classes = [IsAuthenticated, IsClubOwner] # Clubs are public whereas the other requests are only for logged users
 
     def perform_create(self, serializer):
         serializer.save(creator=self.request.user)