diff options
| author | Étienne Loks <etienne.loks@iggdrasil.net> | 2025-01-09 17:21:58 +0100 |
|---|---|---|
| committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2025-02-19 14:45:56 +0100 |
| commit | 26e3b520a236c6afdf3282b71a4f959b328de551 (patch) | |
| tree | dcc44f34176459360161cde7e27b41d8c736c3eb /ishtar_common/models.py | |
| parent | 13f9202121e5470827174079da7fc699a8227295 (diff) | |
| download | Ishtar-26e3b520a236c6afdf3282b71a4f959b328de551.tar.bz2 Ishtar-26e3b520a236c6afdf3282b71a4f959b328de551.zip | |
🐛 add permission for created object to the current user (fix #6118)
Diffstat (limited to 'ishtar_common/models.py')
| -rw-r--r-- | ishtar_common/models.py | 40 |
1 files changed, 24 insertions, 16 deletions
diff --git a/ishtar_common/models.py b/ishtar_common/models.py index 1540597f9..9197a67bf 100644 --- a/ishtar_common/models.py +++ b/ishtar_common/models.py @@ -3637,7 +3637,11 @@ class UserProfile(models.Model): return new_item def _generate_permission(self, ishtar_user, content_type, permission_query, - permissions, permission_type): + permissions, permission_type, obj_id=None): + if obj_id: + if permission_query.include_associated_items: + return [obj_id] + return item_ids = [] model_class = content_type.model_class() if permission_query.include_associated_items: @@ -3703,18 +3707,19 @@ class UserProfile(models.Model): return item_ids def generate_permission(self, content_type, permission_type, - base_permission_only=False): + base_permission_only=False, obj_id=None): ishtar_user = self.person.ishtaruser if self.expiration_date and self.expiration_date < datetime.date.today(): return # add base permissions - for group in self.profile_type.groups.all(): - for perm in group.permissions.filter( - content_type=content_type, - codename__startswith=permission_type).all(): - ishtar_user.user_ptr.user_permissions.add(perm) + if not obj_id: + for group in self.profile_type.groups.all(): + for perm in group.permissions.filter( + content_type=content_type, + codename__startswith=permission_type).all(): + ishtar_user.user_ptr.user_permissions.add(perm) if base_permission_only: return @@ -3739,19 +3744,22 @@ class UserProfile(models.Model): # DEBUG # print(f"WARNING: no permission request for content {content_type.name} and profile {self}") # print("Using old behaviour") - model_class = content_type.model_class() - query = None - if hasattr(model_class, "get_owns"): - query = model_class.get_owns(user=ishtar_user, query=True, no_auth_check=True) - if query: - item_ids = list( - model_class.objects.filter(query).values_list("pk", flat=True) - ) + if obj_id: + item_ids = [obj_id] + else: + model_class = content_type.model_class() + query = None + if hasattr(model_class, "get_owns"): + query = model_class.get_owns(user=ishtar_user, query=True, no_auth_check=True) + if query: + item_ids = list( + model_class.objects.filter(query).values_list("pk", flat=True) + ) else: for perm_request in q_req.all(): item_ids += self._generate_permission( ishtar_user, content_type, perm_request, permissions, - permission_type + permission_type, obj_id=obj_id ) user_id = ishtar_user.user_ptr.pk item_ids = list(set(item_ids)) |