from rest_framework.permissions import IsAuthenticated
from rest_framework import viewsets, generics
from .serializers import TransactionSerializer
from .models import Transaction


class TransactionViewSet(viewsets.ModelViewSet):
    # Only allow GET, POST/CREATE
    # Transactions cannot be deleted
    http_method_names = ['get', 'post', 'patch']
    permission_classes = [IsAuthenticated]
    serializer_class = TransactionSerializer
    queryset = Transaction.objects.all()