diff --git a/resolwe/flow/views/data.py b/resolwe/flow/views/data.py
index f4e091731..db6ea196f 100644
--- a/resolwe/flow/views/data.py
+++ b/resolwe/flow/views/data.py
@@ -2,14 +2,7 @@
 
 from django.db.models import Prefetch
 from drf_spectacular.utils import extend_schema
-from rest_framework import (
-    exceptions,
-    mixins,
-    permissions,
-    serializers,
-    status,
-    viewsets,
-)
+from rest_framework import exceptions, mixins, serializers, status, viewsets
 from rest_framework.decorators import action
 from rest_framework.response import Response
 
@@ -33,19 +26,7 @@
     ResolweCreateModelMixin,
     ResolweUpdateModelMixin,
 )
-from .utils import get_collection_for_user
-
-
-class IsStaffuser(permissions.BasePermission):
-    """Allow access only to staff users."""
-
-    message = "Only staff users are allowed."
-
-    def has_permission(self, request, view):
-        """Return true when request is allowed."""
-        return bool(
-            request.user and request.user.is_authenticated and request.user.is_staff
-        )
+from .utils import IsStaffuser, get_collection_for_user
 
 
 class MoveDataToCollectionSerializer(serializers.Serializer):
diff --git a/resolwe/flow/views/utils.py b/resolwe/flow/views/utils.py
index f22a0488a..f66e735ae 100644
--- a/resolwe/flow/views/utils.py
+++ b/resolwe/flow/views/utils.py
@@ -22,6 +22,18 @@ def get_collection_for_user(collection_id, user):
     return collection
 
 
+class IsStaffuser(permissions.BasePermission):
+    """Allow access only to staff users."""
+
+    message = "Only staff users are allowed."
+
+    def has_permission(self, request, view):
+        """Return true when request is allowed."""
+        return bool(
+            request.user and request.user.is_authenticated and request.user.is_staff
+        )
+
+
 class IsStaffOrTargetUser(permissions.BasePermission):
     """Permission class for user endpoint."""