You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a developer with the new Roles facilities in pulpcore==3.17, you likely will want to filter by permissions with something like this example taken from this PR.
I think it should be mentioned that with_perms will probably call get_authenticated_user implicitly for the permission check. In that case we should probably create our own custom version that can be ran in tasks outside of a django view. Or we would need to make a rule to do all queryset permission checks inside a view before handing off to a task.
If we want to allow both of these syntaxes, we should specify, whether one or all of the permissions are needed: qs.with_perm("core.task_delete", "core.task_view") qs.with_perms(["core.task_delete", "core.task_view"])
This issue has been marked 'stale' due to lack of recent activity. If there is no further activity, the issue will be closed in another 30 days. Thank you for your contribution!
Author: @bmbouter (bmbouter)
Redmine Issue: 9613, https://pulp.plan.io/issues/9613
Motivation
As a developer with the new Roles facilities in pulpcore==3.17, you likely will want to filter by permissions with something like this example taken from this PR.
As you can see, this needs to determine who the current user is, and you can't build the queryset in one go by using chaining.
Proposal
Introduce a
with_perm
chainable call on all querysets for Pulp objects. It could be used like this:qs.with_perm("core.task_delete")
qs.with_perm("core.task_delete", "core.task_view")
qs.with_perms(["core.task_delete", "core.task_view"])
qs.with_perm("core.task_delete").with_perm( "core.task_view")
The text was updated successfully, but these errors were encountered: