Apply the negation only to anonymous user and not whether the view.ac…

…tion is list.

Signed-off-by: Njagi Mwaniki <[email protected]>

onadata/apps/api/permissions.py

@@ -239,7 +239,7 @@ def has_permission(self, request, view):
         # To allow individual public dataviews to be visible on
         # `api/v1/dataviews/<pk>` but stop retreival of all dataviews when
         # the dataviews endpoint is queried `api/v1/dataviews`
-        return not (request.user.is_anonymous() and view.action == 'list')
+        return not request.user.is_anonymous() and view.action == 'list'
 
     def has_object_permission(self, request, view, obj):
         model_cls = Project