return Group.objects.filter(id__in=group_object_perm_group_ids).distinct()
-def set_permissions_for_object(permissions: list[str], object, *, merge: bool = False):
+def set_permissions_for_object(permissions: dict, object, *, merge: bool = False):
"""
- Set permissions for an object. The permissions are given as a list of strings
- in the format "action_modelname", e.g. "view_document".
+ Set permissions for an object. The permissions are given as a mapping of actions
+ to a dict of user / group id lists, e.g.
+ {"view": {"users": [1], "groups": [2]}, "change": {"users": [], "groups": []}}.
If merge is True, the permissions are merged with the existing permissions and
no users or groups are removed. If False, the permissions are set to exactly
the given list of users and groups.
"""
- for action in permissions:
+ for action, entry in permissions.items():
permission = f"{action}_{object.__class__.__name__.lower()}"
- if "users" in permissions[action]:
+ if "users" in entry:
# users
- users_to_add = User.objects.filter(id__in=permissions[action]["users"])
+ users_to_add = User.objects.filter(id__in=entry["users"])
users_to_remove = (
get_users_with_perms(
object,
user,
object,
)
- if "groups" in permissions[action]:
+ if "groups" in entry:
# groups
- groups_to_add = Group.objects.filter(id__in=permissions[action]["groups"])
+ groups_to_add = Group.objects.filter(id__in=entry["groups"])
groups_to_remove = (
get_groups_with_only_permission(
object,
content_type__app_label="admin",
),
)
- set_permissions([4, 5], set_permissions=[], owner=user2, merge=False)
+ set_permissions([4, 5], set_permissions={}, owner=user2, merge=False)
with index.open_index_writer() as writer:
index.update_document(writer, d1)
projects / thirdparty / paperless-ngx.git / commitdiff
