1 files changed, 24 insertions, 16 deletions

diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index 1540597f9..9197a67bf 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -3637,7 +3637,11 @@ class UserProfile(models.Model):
         return new_item
 
     def _generate_permission(self, ishtar_user, content_type, permission_query,
-                             permissions, permission_type):
+                             permissions, permission_type, obj_id=None):
+        if obj_id:
+            if permission_query.include_associated_items:
+                return [obj_id]
+            return
         item_ids = []
         model_class = content_type.model_class()
         if permission_query.include_associated_items:
@@ -3703,18 +3707,19 @@ class UserProfile(models.Model):
         return item_ids
 
     def generate_permission(self, content_type, permission_type,
-                            base_permission_only=False):
+                            base_permission_only=False, obj_id=None):
         ishtar_user = self.person.ishtaruser
 
         if self.expiration_date and self.expiration_date < datetime.date.today():
             return
 
         # add base permissions
-        for group in self.profile_type.groups.all():
-            for perm in group.permissions.filter(
-                    content_type=content_type,
-                    codename__startswith=permission_type).all():
-                ishtar_user.user_ptr.user_permissions.add(perm)
+        if not obj_id:
+            for group in self.profile_type.groups.all():
+                for perm in group.permissions.filter(
+                        content_type=content_type,
+                        codename__startswith=permission_type).all():
+                    ishtar_user.user_ptr.user_permissions.add(perm)
         if base_permission_only:
             return
 
@@ -3739,19 +3744,22 @@ class UserProfile(models.Model):
             # DEBUG
             # print(f"WARNING: no permission request for content {content_type.name} and profile {self}")
             # print("Using old behaviour")
-            model_class = content_type.model_class()
-            query = None
-            if hasattr(model_class, "get_owns"):
-                query = model_class.get_owns(user=ishtar_user, query=True, no_auth_check=True)
-            if query:
-                item_ids = list(
-                    model_class.objects.filter(query).values_list("pk", flat=True)
-                )
+            if obj_id:
+                item_ids = [obj_id]
+            else:
+                model_class = content_type.model_class()
+                query = None
+                if hasattr(model_class, "get_owns"):
+                    query = model_class.get_owns(user=ishtar_user, query=True, no_auth_check=True)
+                if query:
+                    item_ids = list(
+                        model_class.objects.filter(query).values_list("pk", flat=True)
+                    )
         else:
             for perm_request in q_req.all():
                 item_ids += self._generate_permission(
                     ishtar_user, content_type, perm_request, permissions,
-                    permission_type
+                    permission_type, obj_id=obj_id
                 )
         user_id = ishtar_user.user_ptr.pk
         item_ids = list(set(item_ids))