Merge pull request #3347 from paperless-ngx/fix/issue-3346
authorshamoon <4887959+shamoon@users.noreply.github.com>
Wed, 10 May 2023 15:18:08 +0000 (08:18 -0700)
committerGitHub <noreply@github.com>
Wed, 10 May 2023 15:18:08 +0000 (08:18 -0700)
Fix: default frontend to current owner, allow setting no owner on create

src/documents/tests/test_api.py

index dd872fe78e437f962a6667e5101cf64cb2af724b,325ba3814722a01a8794ec39530c202984057a05..6c08b695557c8bfe1d5e9c73a4a28388dea02c58
@@@ -3550,29 -3532,81 +3550,100 @@@ class TestApiAuth(DirectoriesMixin, API
              status.HTTP_404_NOT_FOUND,
          )
  
+     def test_api_set_permissions(self):
+         """
+         GIVEN:
+             - API request to create an object (Tag) that supplies set_permissions object
+         WHEN:
+             - owner is passed as null or as a user id
+             - view > users is set
+         THEN:
+             - Object permissions are set appropriately
+         """
+         user1 = User.objects.create_superuser(username="user1")
+         user2 = User.objects.create(username="user2")
+         self.client.force_authenticate(user1)
+         response = self.client.post(
+             "/api/tags/",
+             json.dumps(
+                 {
+                     "name": "test1",
+                     "matching_algorithm": MatchingModel.MATCH_AUTO,
+                     "set_permissions": {
+                         "owner": None,
+                         "view": {
+                             "users": None,
+                             "groups": None,
+                         },
+                         "change": {
+                             "users": None,
+                             "groups": None,
+                         },
+                     },
+                 },
+             ),
+             content_type="application/json",
+         )
+         self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+         tag1 = Tag.objects.filter(name="test1").first()
+         self.assertEqual(tag1.owner, None)
+         response = self.client.post(
+             "/api/tags/",
+             json.dumps(
+                 {
+                     "name": "test2",
+                     "matching_algorithm": MatchingModel.MATCH_AUTO,
+                     "set_permissions": {
+                         "owner": user1.id,
+                         "view": {
+                             "users": [user2.id],
+                             "groups": None,
+                         },
+                         "change": {
+                             "users": None,
+                             "groups": None,
+                         },
+                     },
+                 },
+             ),
+             content_type="application/json",
+         )
+         tag2 = Tag.objects.filter(name="test2").first()
+         from guardian.core import ObjectPermissionChecker
+         checker = ObjectPermissionChecker(user2)
+         self.assertEqual(checker.has_perm("view_tag", tag2), True)
      def test_dynamic_permissions_fields(self):
 +        user1 = User.objects.create_user(username="user1")
 +        user1.user_permissions.add(*Permission.objects.filter(codename="view_document"))
 +        user2 = User.objects.create_user(username="user2")
 +
          Document.objects.create(title="Test", content="content 1", checksum="1")
 +        doc2 = Document.objects.create(
 +            title="Test2",
 +            content="content 2",
 +            checksum="2",
 +            owner=user2,
 +        )
 +        doc3 = Document.objects.create(
 +            title="Test3",
 +            content="content 3",
 +            checksum="3",
 +            owner=user2,
 +        )
 +
 +        assign_perm("view_document", user1, doc2)
 +        assign_perm("view_document", user1, doc3)
 +        assign_perm("change_document", user1, doc3)
  
 -        user1 = User.objects.create_superuser(username="test1")
          self.client.force_authenticate(user1)
  
          response = self.client.get(