From d9ec397a4f113916a77f942a3dfd2d1a91078a61 Mon Sep 17 00:00:00 2001
From: sniedzielski <sniedzielski@soldevelo.com>
Date: Wed, 21 Aug 2024 12:22:05 +0200
Subject: [PATCH] OM-242: added additional checks in create worker mutation

---
 worker_voucher/gql_mutations.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/worker_voucher/gql_mutations.py b/worker_voucher/gql_mutations.py
index b199288..ffa0d46 100644
--- a/worker_voucher/gql_mutations.py
+++ b/worker_voucher/gql_mutations.py
@@ -42,6 +42,9 @@ class Input(CreateInsureeInputType):
 
     @classmethod
     def async_mutate(cls, user, **data):
+        if (not user.is_imis_admin
+                and user.has_perms(WorkerVoucherConfig.gql_worker_voucher_search_all_perms)):
+            return [{"message": _("workers.user_with_that_permission_cannot_create_worker")}]
         user_policyholders = PolicyHolder.objects.filter(
             policyholder_user_filter(user)).values_list('id', flat=True)
         economic_unit_code = data.pop('economic_unit_code', None)