From 81e9fd7a448829f7bde7b6aac98d49ffa587cceb Mon Sep 17 00:00:00 2001
From: Oliver Walters <oliver.henry.walters@gmail.com>
Date: Fri, 26 Feb 2021 14:26:37 +1100
Subject: [PATCH] Escape hatch if role not required

---
 InvenTree/InvenTree/permissions.py | 3 ++-
 InvenTree/part/api.py              | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/InvenTree/InvenTree/permissions.py b/InvenTree/InvenTree/permissions.py
index f879559f11..f4aa7f532c 100644
--- a/InvenTree/InvenTree/permissions.py
+++ b/InvenTree/InvenTree/permissions.py
@@ -63,7 +63,8 @@ class RolePermission(permissions.BasePermission):
         role = getattr(view, 'role_required', None)
 
         if not role:
-            raise AttributeError(f"'role_required' not specified for view {type(view).__name__}")
+            # Role not specified - allow access
+            return True
         
         roles = []
 
diff --git a/InvenTree/part/api.py b/InvenTree/part/api.py
index 71e1d63314..72cd035514 100644
--- a/InvenTree/part/api.py
+++ b/InvenTree/part/api.py
@@ -373,6 +373,8 @@ class PartList(generics.ListCreateAPIView):
 
     queryset = Part.objects.all()
 
+    role_required = 'part'
+
     starred_parts = None
 
     def get_serializer(self, *args, **kwargs):