✨(api) retrieve mailboxes

add feature to retrieve mailboxes when having the right access

src/backend/mailbox_manager/api/client/serializers.py

@@ -83,7 +83,7 @@ class MailboxUpdateSerializer(MailboxSerializer):
             "secondary_email",
             "status",
         ]
-        read_only_fields = ("id", "status", "local_part", "status")
+        read_only_fields = ("id", "local_part", "status")
 
 
 class MailDomainSerializer(serializers.ModelSerializer):

src/backend/mailbox_manager/api/client/viewsets.py

@@ -232,6 +232,7 @@ class MailBoxViewSet(
     mixins.CreateModelMixin,
     mixins.ListModelMixin,
     mixins.UpdateModelMixin,
+    mixins.RetrieveModelMixin,
 ):
     """MailBox ViewSet
 

src/backend/mailbox_manager/api/permissions.py

@@ -1,5 +1,7 @@
 """Permission handlers for the People mailbox manager app."""
 
+from rest_framework import permissions
+
 from core.api import permissions as core_permissions
 
 from mailbox_manager import models
@@ -24,7 +26,7 @@ class MailBoxPermission(AccessPermission):
         return abilities.get(request.method.lower(), False)
 
 
-class IsMailboxOwnerPermission(core_permissions.IsAuthenticated):
+class IsMailboxOwnerPermission(permissions.BasePermission):
     """Authorize update for domain viewers on their own mailbox."""
 
     def has_permission(self, request, view):