♻️(backend) refactor post hackathon to a first working version

This project was copied and hacked to make a POC in a 2-day hackathon.
We need to clean and refactor things in order to get a first version
of the product we want.

src/backend/core/api/permissions.py

@@ -11,7 +11,16 @@ class IsAuthenticated(permissions.BasePermission):
     """
 
     def has_permission(self, request, view):
-        return bool(request.auth) if request.auth else request.user.is_authenticated
+        return bool(request.auth) or request.user.is_authenticated
+
+
+class IsAuthenticatedOrSafe(IsAuthenticated):
+    """Allows access to authenticated users (or anonymous users but only on safe methods)."""
+
+    def has_permission(self, request, view):
+        if request.method in permissions.SAFE_METHODS:
+            return True
+        return super().has_permission(request, view)
 
 
 class IsSelf(IsAuthenticated):
@@ -45,10 +54,10 @@ class IsOwnedOrPublic(IsAuthenticated):
             return False
 
 
-class AccessPermission(IsAuthenticated):
+class AccessPermission(permissions.BasePermission):
     """Permission class for access objects."""
 
     def has_object_permission(self, request, view, obj):
         """Check permission for a given object."""
         abilities = obj.get_abilities(request.user)
-        return abilities.get(request.method.lower(), False)
+        return abilities.get(view.action, False)