diff --git a/guardian/core.py b/guardian/core.py index fa0722d2..2721bf4a 100644 --- a/guardian/core.py +++ b/guardian/core.py @@ -7,7 +7,11 @@ from guardian.conf import settings as guardian_settings from guardian.ctypes import get_content_type -from guardian.utils import get_group_obj_perms_model, get_identity, get_user_obj_perms_model +from guardian.utils import ( + get_group_obj_perms_model, + get_identity, + get_user_obj_perms_model, +) def _get_pks_model_and_ctype(objects): @@ -18,7 +22,7 @@ def _get_pks_model_and_ctype(objects): if isinstance(objects, QuerySet): model = objects.model - pks = [force_str(pk) for pk in objects.values_list('pk', flat=True)] + pks = [force_str(pk) for pk in objects.values_list("pk", flat=True)] ctype = get_content_type(model) else: pks = [] @@ -73,8 +77,8 @@ def has_perm(self, perm, obj): return False elif self.user and self.user.is_superuser: return True - if '.' in perm: - _, perm = perm.split('.', 1) + if "." in perm: + _, perm = perm.split(".", 1) return perm in self.get_perms(obj) def get_group_filters(self, obj): @@ -84,20 +88,22 @@ def get_group_filters(self, obj): group_model = get_group_obj_perms_model(obj) group_rel_name = group_model.permission.field.related_query_name() if self.user: - fieldname = '{}__group__{}'.format( + fieldname = "{}__group__{}".format( group_rel_name, User.groups.field.related_query_name(), ) group_filters = {fieldname: self.user} else: - group_filters = {'%s__group' % group_rel_name: self.group} + group_filters = {"%s__group" % group_rel_name: self.group} if group_model.objects.is_generic(): - group_filters.update({ - '%s__content_type' % group_rel_name: ctype, - '%s__object_pk' % group_rel_name: obj.pk, - }) + group_filters.update( + { + "%s__content_type" % group_rel_name: ctype, + "%s__object_pk" % group_rel_name: obj.pk, + } + ) else: - group_filters['%s__content_object' % group_rel_name] = obj + group_filters["%s__content_object" % group_rel_name] = obj return group_filters @@ -106,14 +112,16 @@ def get_user_filters(self, obj): model = get_user_obj_perms_model(obj) related_name = model.permission.field.related_query_name() - user_filters = {'%s__user' % related_name: self.user} + user_filters = {"%s__user" % related_name: self.user} if model.objects.is_generic(): - user_filters.update({ - '%s__content_type' % related_name: ctype, - '%s__object_pk' % related_name: obj.pk, - }) + user_filters.update( + { + "%s__content_type" % related_name: ctype, + "%s__object_pk" % related_name: obj.pk, + } + ) else: - user_filters['%s__content_object' % related_name] = obj + user_filters["%s__content_object" % related_name] = obj return user_filters @@ -157,9 +165,13 @@ def get_perms(self, obj): if guardian_settings.AUTO_PREFETCH: return [] if self.user and self.user.is_superuser: - perms = list(chain(*Permission.objects - .filter(content_type=ctype) - .values_list("codename"))) + perms = list( + chain( + *Permission.objects.filter(content_type=ctype).values_list( + "codename" + ) + ) + ) elif self.user: # Query user and group permissions separately and then combine # the results to avoid a slow query @@ -192,10 +204,13 @@ def prefetch_perms(self, objects): pks, model, ctype = _get_pks_model_and_ctype(objects) if self.user and self.user.is_superuser: - perms = list(chain( - *Permission.objects - .filter(content_type=ctype) - .values_list("codename"))) + perms = list( + chain( + *Permission.objects.filter(content_type=ctype).values_list( + "codename" + ) + ) + ) for pk in pks: key = (ctype.id, force_str(pk)) @@ -206,47 +221,50 @@ def prefetch_perms(self, objects): group_model = get_group_obj_perms_model(model) if self.user: - fieldname = 'group__{}'.format( + fieldname = "group__{}".format( User.groups.field.related_query_name(), ) group_filters = {fieldname: self.user} else: - group_filters = {'group': self.group} + group_filters = {"group": self.group} if group_model.objects.is_generic(): - group_filters.update({ - 'content_type': ctype, - 'object_pk__in': pks, - }) + group_filters.update( + { + "content_type": ctype, + "object_pk__in": pks, + } + ) else: - group_filters.update({ - 'content_object_id__in': pks - }) + group_filters.update({"content_object_id__in": pks}) if self.user: model = get_user_obj_perms_model(model) user_filters = { - 'user': self.user, + "user": self.user, } if model.objects.is_generic(): - user_filters.update({ - 'content_type': ctype, - 'object_pk__in': pks - }) + user_filters.update({"content_type": ctype, "object_pk__in": pks}) else: - user_filters.update({ - 'content_object_id__in': pks - }) + user_filters.update({"content_object_id__in": pks}) # Query user and group permissions separately and then combine # the results to avoid a slow query - user_perms_qs = model.objects.filter(**user_filters).select_related('permission') - group_perms_qs = group_model.objects.filter(**group_filters).select_related('permission') + user_perms_qs = model.objects.filter(**user_filters).select_related( + "permission" + ) + group_perms_qs = group_model.objects.filter(**group_filters).select_related( + "permission" + ) perms = chain(user_perms_qs, group_perms_qs) else: perms = chain( - *(group_model.objects.filter(**group_filters).select_related('permission'),) + *( + group_model.objects.filter(**group_filters).select_related( + "permission" + ), + ) ) # initialize entry in '_obj_perms_cache' for all prefetched objects @@ -269,12 +287,15 @@ def prefetch_perms(self, objects): def _init_obj_prefetch_cache(obj, *querysets): cache = {} for qs in querysets: - perms = qs.select_related('permission__codename').values_list('content_type_id', 'object_pk', - 'permission__codename') + perms = qs.select_related("permission__codename").values_list( + "content_type_id", "object_pk", "permission__codename" + ) for p in perms: if p[:2] not in cache: cache[p[:2]] = [] - cache[p[:2]] += [p[2], ] + cache[p[:2]] += [ + p[2], + ] obj._guardian_perms_cache = cache return obj, cache @@ -285,7 +306,7 @@ def _prefetch_cache(self): obj = self.user querysets = [ UserObjectPermission.objects.filter(user=obj), - GroupObjectPermission.objects.filter(group__user=obj) + GroupObjectPermission.objects.filter(group__user=obj), ] else: obj = self.group @@ -293,7 +314,7 @@ def _prefetch_cache(self): GroupObjectPermission.objects.filter(group=obj), ] - if not hasattr(obj, '_guardian_perms_cache'): + if not hasattr(obj, "_guardian_perms_cache"): obj, cache = self._init_obj_prefetch_cache(obj, *querysets) else: cache = obj._guardian_perms_cache