Commit f38a8767 by Őry Máté

acl: extend get_objects_with_level options

group_also=True: also list objects with proper acl level for group
owner_also=False: also list objects owned (but wo/ acl perm)
parent 45ad0e7e
......@@ -176,7 +176,8 @@ class AclBase(Model):
return groups
def get_objects_with_level(cls, level, user):
def get_objects_with_level(cls, level, user,
group_also=True, owner_also=False):
logger.debug('%s.get_objects_with_level(%s,%s) called',
unicode(cls), unicode(level), unicode(user))
if user is None or not user.is_authenticated():
......@@ -189,10 +190,16 @@ class AclBase(Model):
logger.debug("- level set by str: %s", unicode(level))
ct = ContentType.objects.get_for_model(cls)
levelfilter = Q(users=user)
if group_also:
levelfilter |= Q(groups__in=user.groups.all())
ols = user.objectlevel_set.filter(
Q(users=user) | Q(groups__in=user.groups.all()),
content_type=ct, level__weight__gte=level.weight).distinct()
return cls.objects.filter(object_level_set__in=ols.all())
clsfilter = Q(object_level_set__in=ols.all())
if owner_also:
clsfilter |= Q(owner=user)
return cls.objects.filter(clsfilter)
class Meta:
abstract = True
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment