Remove the acl filter option 'exception_on_empty'.

mayan/apps/acls/managers.py

@@ -62,7 +62,7 @@ class AccessControlListManager(models.Manager):
         if not self.filter(content_type=ContentType.objects.get_for_model(obj), object_id=obj.pk, permissions__in=stored_permissions, role__in=user_roles):
             raise PermissionDenied(ugettext('Insufficient access.'))
 
-    def filter_by_access(self, permission, user, queryset, exception_on_empty=False, related=None):
+    def filter_by_access(self, permission, user, queryset, related=None):
         if user.is_superuser or user.is_staff:
             return queryset
 
@@ -85,9 +85,4 @@ class AccessControlListManager(models.Manager):
         content_type = ContentType.objects.get_for_model(queryset.model)
         acl_query = Q(pk__in=self.filter(content_type=content_type, role__in=user_roles, permissions=permission.stored_permission).values_list('object_id', flat=True))
 
-        new_queryset = queryset.filter(parent_acl_query | acl_query)
-
-        if new_queryset.count() == 0 and exception_on_empty:
-            raise PermissionDenied
-
-        return new_queryset
+        return queryset.filter(parent_acl_query | acl_query)

mayan/apps/documents/views.py

@@ -296,7 +296,7 @@ def document_trash(request, document_id=None, document_id_list=None):
     try:
         Permission.check_permissions(request.user, [permission_document_trash])
     except PermissionDenied:
-        documents = AccessControlList.objects.filter_by_access(permission_document_trash, request.user, documents, exception_on_empty=True)
+        documents = AccessControlList.objects.filter_by_access(permission_document_trash, request.user, documents)
 
     previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
     next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
@@ -387,7 +387,7 @@ def document_document_type_edit(request, document_id=None, document_id_list=None
     try:
         Permission.check_permissions(request.user, [permission_document_properties_edit])
     except PermissionDenied:
-        documents = AccessControlList.objects.filter_by_access(permission_document_properties_edit, request.user, documents, exception_on_empty=True)
+        documents = AccessControlList.objects.filter_by_access(permission_document_properties_edit, request.user, documents)
 
     previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
     next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
@@ -473,7 +473,7 @@ def document_download(request, document_id=None, document_id_list=None, document
     try:
         Permission.check_permissions(request.user, [permission_document_download])
     except PermissionDenied:
-        document_versions = AccessControlList.objects.filter_by_access(permission_document_download, request.user, document_versions, related='document', exception_on_empty=True)
+        document_versions = AccessControlList.objects.filter_by_access(permission_document_download, request.user, document_versions, related='document')
 
     subtemplates_list = []
     subtemplates_list.append(
@@ -581,7 +581,7 @@ def document_update_page_count(request, document_id=None, document_id_list=None)
     try:
         Permission.check_permissions(request.user, [permission_document_tools])
     except PermissionDenied:
-        documents = AccessControlList.objects.filter_by_access(permission_document_tools, request.user, documents, exception_on_empty=True)
+        documents = AccessControlList.objects.filter_by_access(permission_document_tools, request.user, documents)
 
     previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))))
 
@@ -633,7 +633,7 @@ def document_clear_transformations(request, document_id=None, document_id_list=N
     try:
         Permission.check_permissions(request.user, [permission_transformation_delete])
     except PermissionDenied:
-        documents = AccessControlList.objects.filter_by_access(permission_transformation_delete, request.user, documents, exception_on_empty=True)
+        documents = AccessControlList.objects.filter_by_access(permission_transformation_delete, request.user, documents)
 
     previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', post_redirect or reverse('documents:document_list'))))
     next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', post_redirect or reverse('documents:document_list'))))

mayan/apps/folders/views.py

@@ -253,7 +253,7 @@ def folder_document_remove(request, folder_id, document_id=None, document_id_lis
     try:
         Permission.check_permissions(request.user, [permission_folder_remove_document])
     except PermissionDenied:
-        folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents, exception_on_empty=True)
+        folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents)
 
     logger.debug('folder_documents (post permission check): %s', folder_documents)
 

mayan/apps/tags/views.py

@@ -254,7 +254,7 @@ def tag_remove(request, document_id=None, document_id_list=None, tag_id=None, ta
     try:
         Permission.check_permissions(request.user, [permission_tag_remove])
     except PermissionDenied:
-        documents = AccessControlList.objects.filter_by_access(permission_tag_remove, request.user, documents, exception_on_empty=True)
+        documents = AccessControlList.objects.filter_by_access(permission_tag_remove, request.user, documents)
 
     post_action_redirect = None