From fbf68c242f5b1285f9ce6f0032441fa2da4b6883 Mon Sep 17 00:00:00 2001
From: Tudor Amariei <tudor.amariei@commitglobal.org>
Date: Wed, 6 Nov 2024 14:06:51 +0200
Subject: [PATCH] Fix over-zealous validation

---
 backend/hub/views.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/backend/hub/views.py b/backend/hub/views.py
index 1cb7b83f..d6691b15 100644
--- a/backend/hub/views.py
+++ b/backend/hub/views.py
@@ -816,18 +816,15 @@ def post(self, request, *args, **kwargs):
 
         user = self.request.user
         user_org: Organization = user.organization
-        candidate: Candidate = self.object
+        candidate: Candidate = self.get_object()
 
         if not user_org:
             raise PermissionDenied
 
-        if not user_org.is_complete_for_candidate:
-            raise PermissionDenied
-
         if not candidate:
             raise PermissionDenied
 
-        if not candidate.is_complete:
+        if not candidate == user_org.candidate:
             raise PermissionDenied
 
         return super().post(request, *args, **kwargs)