Fixed #18763 -- Added with_perm() to User manager. #7153
Conversation
docs/ref/contrib/auth.txt
Outdated
There was a problem hiding this comment.
This seems like it should be saying that it doesn't return inactive users but is saying something else.
|
Generally I think this would be useful - I've wanted to know which users have which permissions in the past. However I can think of a many other cases that would be useful:
Also of note is the |
docs/releases/1.11.txt
Outdated
There was a problem hiding this comment.
The new UserManger.with_perm() method returns all users...
|
Hi @pope1ni, Thank you for review and suggestions.
This should probably needs to be discussed in a separate ticket.
+1 for adding |
|
I think I've addressed all review comments except https://github.com/django/django/pull/7153/files#r78226234 (pending discussion) Thanks! |
|
I've now implemented both my idea from the django-developers thread and Nick Pope's suggestions about adding |
|
Two comments regarding
|
|
Closing due to inactivity. |
|
I'm not sure I understand why you closed it. I didn't get any feedback or review comments from you or someone else on the Django team since September. If you think Rovi's suggestions should be addressed, you should have left a comment (for example "did you see Rovi's suggestions?" or "do you have time to address the suggestions Rovi made?") before prematurely closing the pull request. |
|
Oh, it's a misunderstanding that a team member has to validate feedback from someone else. You two could at least discuss among yourselves and come to a consensus. I guess it would be better to discuss it on the mailing list thread rather than here. Anyway, I had marked the ticket as "patch needs improvement" given the unresolved comment, so it wasn't going anywhere in the current state. |
|
Well, from a contributor's point of view, it doesn't matter whether we (the contributors) have reached a consensus on our end or not if it doesn't get accepted by the core developers. So what I was trying to say is that at some point it would be nice to know whether we are on the same page or not. Anyway, thanks for reopening it! I will try to address all review comments this week. |
|
Unfortunately, it's impossible for a team member to give feedback on every issue. The lack of feedback on the mailing list is concerning (maybe there's little demand for this) but If two people come to a consensus, that's a good start. |
|
@berkerpeksag Are you still interested in pursuing this PR? |
|
@rixx thank you for the ping! Yes, I'm still interested in getting this merged. However, last time I discussed it on django-developers, I wasn't able to gather much positive feedback. Perhaps it should be released on PyPI or proposed to a project such as django-extensions first? |
|
@berkerpeksag As far as I could see, there were still some discussions that were not resolved, and the PR is by nature limited, so there are at least documentation warnings missing ("only works with the Django permission backend" would be a start). But I still think this could make for a helpful feature in Django. |
|
I'm glad you found it useful :) I will try to update my branch this weekend. |
|
@berkerpeksag I'd be happy to pick up reviewing this one again and to see some of the other improvements I mentioned up thread implemented. Will keep an eye out for your rebase... |
|
I've addressed most of the review comments. I will add support for |
| groups__permissions__content_type__app_label=app_label) | ||
| has_permission_q = Q(is_active=is_active) & (Q(is_superuser=is_superuser) | user_q | group_q) | ||
|
|
||
| return UserModel._default_manager.filter(has_permission_q).distinct() |
There was a problem hiding this comment.
I would make it more DRY and readable, e.g.
if isinstance(perm, Permission):
has_permission = Q(user_permissions=perm) | Q(groups__permissions=perm)
else:
has_permission = Q(
Q(user_permissions__codename=codename) &
Q(user_permissions__content_type__app_label=app_label)
) | Q (
Q(groups__permissions__codename=codename) &
Q(groups__permissions__content_type__app_label=app_label)
)
return UserModel._default_manager.filter(
Q(is_active=is_active) &
Q(Q(is_superuser=is_superuser) | has_permission)
).distinct()What do you think?
I wonder if we can use Exists() to avoid distinct() call.
There was a problem hiding this comment.
Yes, your suggestion definitely looks better. I'll update the PR. Thanks!
Do you mean the queryset.exists() method or does Exists() mean something else?
There was a problem hiding this comment.
I was talking about Exists() subquery.
|
@berkerpeksag Thanks for this patch and your patience 🧘♂️ Are you able to prepare this for a final review? (rebase, squash commits, address two nitpicks from me). |
|
Thank you for the review comments! I will address all of them this week.
On Wed, 26 Jun 2019 at 13.10, Mariusz Felisiak ***@***.***> wrote:
@berkerpeksag <https://github.com/berkerpeksag> Thanks for this patch and
your patience 🧘♂️ Are you able to prepare this for a final review?
(rebase, squash commits, address two nitpicks from me).
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#7153?email_source=notifications&email_token=AAAGNYVLJUGUO6OEPVZGC6TP4M6A5A5CNFSM4CNVA2P2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODYTBAZY#issuecomment-505811047>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAAGNYQIKHQJ67YKGRBQT5TP4M6A5ANCNFSM4CNVA2PQ>
.
--
--Berker
|
|
Please uncheck |
|
Superseded by #11625. |
https://code.djangoproject.com/ticket/18763