add permissions and jwt auth to journal calls

ed04f938 · Bill Filler · a2c9791d · ed04f938 · ed04f938
Commit ed04f938 authored Apr 19, 2018 by Bill Filler
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 3 deletions

ecommerce/journal/api/v1/views.py
+2 -0

ecommerce/journal/client.py
+4 -3

No files found.
--- a/ecommerce/journal/api/v1/views.py
+++ b/ecommerce/journal/api/v1/views.py
 '''JournalViewSet'''
 from oscar.core.loading import get_model
 from rest_framework import viewsets
+from rest_framework.permissions import IsAdminUser
 from ecommerce.journal.api.serializers import JournalProductSerializer
@@ -14,3 +15,4 @@ class JournalProductViewSet(viewsets.ModelViewSet):
    lookup_field = 'id'
    queryset = Product.objects.filter(product_class__name='Journal')
    serializer_class = JournalProductSerializer
+    permission_classes = (IsAdminUser,)
--- a/ecommerce/journal/client.py
+++ b/ecommerce/journal/client.py
@@ -17,9 +17,10 @@ def get_journals_service_client(site_configuration):
    """
    Returns Journals Service client
    """
-    #TODO: add access tokens
+    return EdxRestApiClient(
-    # return EdxRestApiClient(site_configuration.journals_api_url, jwt=site_configuration.access_token)
+        site_configuration.journals_api_url,
-    return EdxRestApiClient(site_configuration.journals_api_url)
+        jwt=site_configuration.access_token
+    )
 def post_journal_access(site_configuration, order_number, username, journal_uuid):