From ba26387f09de20d9537d075dcea5221fb3532a5a Mon Sep 17 00:00:00 2001
From: Étienne Loks <etienne.loks@iggdrasil.net>
Date: Mon, 4 Nov 2024 17:55:21 +0100
Subject: ✨ permissions refactoring: manage deletion permissions - ♻
 refactoring "can_do"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ishtar_common/models.py | 40 +++++++++++++++++++++-------------------
 1 file changed, 21 insertions(+), 19 deletions(-)

(limited to 'ishtar_common/models.py')

diff --git a/ishtar_common/models.py b/ishtar_common/models.py
index bf2cd666a..5b2e3fdbf 100644
--- a/ishtar_common/models.py
+++ b/ishtar_common/models.py
@@ -71,7 +71,7 @@ from django.core.exceptions import (
 )
 from django.core.files.base import ContentFile
 from django.core.files.uploadedfile import SimpleUploadedFile
-from django.db import connection
+from django.db import connection, transaction
 from django.db.models import Q, Max, Count
 from django.db.models.signals import post_save, post_delete, m2m_changed
 from django.db.utils import DatabaseError
@@ -3440,7 +3440,8 @@ class GDPRLog(models.Model):
 
 
 class ProfileType(GeneralType):
-    groups = models.ManyToManyField(Group, verbose_name=_("Groups"), blank=True)
+    groups = models.ManyToManyField(Group, verbose_name=_("Groups"), blank=True,
+                                    related_name="profile_types")
     permission_requests = models.ManyToManyField(
         PermissionRequest, verbose_name=_("Permissions requests"), blank=True,
         related_name="profile_types"
@@ -3652,26 +3653,27 @@ class UserProfile(models.Model):
                     permission_type
                 )
         user_id = ishtar_user.user_ptr.pk
-        object_permissions = []
         item_ids = list(set(item_ids))
         permissions = list(set(permissions))
-        for permission in permissions:
-            permission_id = permission.pk
-            exclude = list(UserObjectPermission.objects.filter(
-                content_type_id=content_type.pk, permission_id=permission_id,
-                user_id=user_id
-            ).values_list("object_pk", flat=True))
-            object_permissions += [
-                UserObjectPermission(
-                    object_pk=str(item_id),
-                    content_type_id=content_type.pk,
-                    permission_id=permission_id,
+        with transaction.atomic():
+            object_permissions = []
+            for permission in permissions:
+                permission_id = permission.pk
+                exclude = list(UserObjectPermission.objects.filter(
+                    content_type_id=content_type.pk, permission_id=permission_id,
                     user_id=user_id
-                )
-                for item_id in item_ids if str(item_id) not in exclude
-            ]
-        if object_permissions:
-            UserObjectPermission.objects.bulk_create(object_permissions)
+                ).values_list("object_pk", flat=True))
+                object_permissions += [
+                    UserObjectPermission(
+                        object_pk=str(item_id),
+                        content_type_id=content_type.pk,
+                        permission_id=permission_id,
+                        user_id=user_id
+                    )
+                    for item_id in item_ids if str(item_id) not in exclude
+                ]
+            if object_permissions:
+                UserObjectPermission.objects.bulk_create(object_permissions)
 
     def save(
         self,
-- 
cgit v1.2.3