From 14e37a501774e5772fcef5bf5f1451e3f0d1126e Mon Sep 17 00:00:00 2001
From: yann <yann@needsome.coffee>
Date: Thu, 12 Jun 2025 09:57:03 +0200
Subject: [PATCH] fixed author permissions for comment

---
 softdesk/support/views.py | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/softdesk/support/views.py b/softdesk/support/views.py
index d35cb75..c3440d2 100644
--- a/softdesk/support/views.py
+++ b/softdesk/support/views.py
@@ -237,3 +237,18 @@ class CommentViewSet(ModelViewSet):
                 return Response(response, status=status.HTTP_201_CREATED)
         response = {"detail": f"{user} isn't contributor for '{project}'"}
         return Response(response, status=status.HTTP_403_FORBIDDEN)
+
+    def partial_update(self, request, *args, **kwargs):
+        """
+        check if requestor is author
+        then save changes and returns project details
+        """
+        comment = self.get_object()
+        if request.user != comment.author:
+            raise PermissionDenied()
+        serialized = CommentDetailSerializer(comment,
+                                             data=request.data,
+                                             partial=True)
+        if serialized.is_valid(raise_exception=True):
+            serialized.save()
+            return Response(serialized.data)