no need to be static after all

apps/permission/backends.py

@@ -89,7 +89,6 @@ class PermissionBackend(ModelBackend):
             query = query | perm.query
         return query
 
-    @staticmethod
     def has_perm(self, user_obj, perm, obj=None):
         if user_obj is None or isinstance(user_obj, AnonymousUser):
             return False

apps/permission/permissions.py

@@ -42,7 +42,7 @@ class StrongDjangoObjectPermissions(DjangoObjectPermissions):
 
         perms = self.get_required_object_permissions(request.method, model_cls)
         # if not user.has_perms(perms, obj):
-        if not all(PermissionBackend.has_perm(user, perm, obj) for perm in perms):
+        if not all(PermissionBackend().has_perm(user, perm, obj) for perm in perms):
             # If the user does not have permissions we need to determine if
             # they have read permissions to see 403, or not, and simply see
             # a 404 response.