From 76c3ff7374513f201ff61f3a043a973efd0491ae Mon Sep 17 00:00:00 2001 From: Roberto Rosario Date: Fri, 10 Jul 2015 01:49:42 -0400 Subject: [PATCH] Remove the acl filter option 'exception_on_empty'. --- mayan/apps/acls/managers.py | 9 ++------- mayan/apps/documents/views.py | 10 +++++----- mayan/apps/folders/views.py | 2 +- mayan/apps/tags/views.py | 2 +- 4 files changed, 9 insertions(+), 14 deletions(-) diff --git a/mayan/apps/acls/managers.py b/mayan/apps/acls/managers.py index 27c547f12e..cffa9ff08d 100644 --- a/mayan/apps/acls/managers.py +++ b/mayan/apps/acls/managers.py @@ -62,7 +62,7 @@ class AccessControlListManager(models.Manager): if not self.filter(content_type=ContentType.objects.get_for_model(obj), object_id=obj.pk, permissions__in=stored_permissions, role__in=user_roles): raise PermissionDenied(ugettext('Insufficient access.')) - def filter_by_access(self, permission, user, queryset, exception_on_empty=False, related=None): + def filter_by_access(self, permission, user, queryset, related=None): if user.is_superuser or user.is_staff: return queryset @@ -85,9 +85,4 @@ class AccessControlListManager(models.Manager): content_type = ContentType.objects.get_for_model(queryset.model) acl_query = Q(pk__in=self.filter(content_type=content_type, role__in=user_roles, permissions=permission.stored_permission).values_list('object_id', flat=True)) - new_queryset = queryset.filter(parent_acl_query | acl_query) - - if new_queryset.count() == 0 and exception_on_empty: - raise PermissionDenied - - return new_queryset + return queryset.filter(parent_acl_query | acl_query) diff --git a/mayan/apps/documents/views.py b/mayan/apps/documents/views.py index b4e3418d97..624791ca98 100644 --- a/mayan/apps/documents/views.py +++ b/mayan/apps/documents/views.py @@ -296,7 +296,7 @@ def document_trash(request, document_id=None, document_id_list=None): try: Permission.check_permissions(request.user, [permission_document_trash]) except PermissionDenied: - documents = AccessControlList.objects.filter_by_access(permission_document_trash, request.user, documents, exception_on_empty=True) + documents = AccessControlList.objects.filter_by_access(permission_document_trash, request.user, documents) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -387,7 +387,7 @@ def document_document_type_edit(request, document_id=None, document_id_list=None try: Permission.check_permissions(request.user, [permission_document_properties_edit]) except PermissionDenied: - documents = AccessControlList.objects.filter_by_access(permission_document_properties_edit, request.user, documents, exception_on_empty=True) + documents = AccessControlList.objects.filter_by_access(permission_document_properties_edit, request.user, documents) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -473,7 +473,7 @@ def document_download(request, document_id=None, document_id_list=None, document try: Permission.check_permissions(request.user, [permission_document_download]) except PermissionDenied: - document_versions = AccessControlList.objects.filter_by_access(permission_document_download, request.user, document_versions, related='document', exception_on_empty=True) + document_versions = AccessControlList.objects.filter_by_access(permission_document_download, request.user, document_versions, related='document') subtemplates_list = [] subtemplates_list.append( @@ -581,7 +581,7 @@ def document_update_page_count(request, document_id=None, document_id_list=None) try: Permission.check_permissions(request.user, [permission_document_tools]) except PermissionDenied: - documents = AccessControlList.objects.filter_by_access(permission_document_tools, request.user, documents, exception_on_empty=True) + documents = AccessControlList.objects.filter_by_access(permission_document_tools, request.user, documents) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) @@ -633,7 +633,7 @@ def document_clear_transformations(request, document_id=None, document_id_list=N try: Permission.check_permissions(request.user, [permission_transformation_delete]) except PermissionDenied: - documents = AccessControlList.objects.filter_by_access(permission_transformation_delete, request.user, documents, exception_on_empty=True) + documents = AccessControlList.objects.filter_by_access(permission_transformation_delete, request.user, documents) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', post_redirect or reverse('documents:document_list')))) next = request.POST.get('next', request.GET.get('next', request.META.get('HTTP_REFERER', post_redirect or reverse('documents:document_list')))) diff --git a/mayan/apps/folders/views.py b/mayan/apps/folders/views.py index 972ee2a271..5dbe708c13 100644 --- a/mayan/apps/folders/views.py +++ b/mayan/apps/folders/views.py @@ -253,7 +253,7 @@ def folder_document_remove(request, folder_id, document_id=None, document_id_lis try: Permission.check_permissions(request.user, [permission_folder_remove_document]) except PermissionDenied: - folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents, exception_on_empty=True) + folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents) logger.debug('folder_documents (post permission check): %s', folder_documents) diff --git a/mayan/apps/tags/views.py b/mayan/apps/tags/views.py index ade97386e6..cc0bf4a6ad 100644 --- a/mayan/apps/tags/views.py +++ b/mayan/apps/tags/views.py @@ -254,7 +254,7 @@ def tag_remove(request, document_id=None, document_id_list=None, tag_id=None, ta try: Permission.check_permissions(request.user, [permission_tag_remove]) except PermissionDenied: - documents = AccessControlList.objects.filter_by_access(permission_tag_remove, request.user, documents, exception_on_empty=True) + documents = AccessControlList.objects.filter_by_access(permission_tag_remove, request.user, documents) post_action_redirect = None