As a developer, I can make permission object filtering chainable
Ticket moved to GitHub: "pulp/pulpcore/2066":https://github.com/pulp/pulpcore/issues/2066
As a developer with the new Roles facilities in pulpcore==3.17, you likely will want to filter by permissions with something like this example taken from this PR.
current_user = get_current_authenticated_user() qs = Task.objects.filter(finished_at__lt=finished_before, state__in=states) units_deleted, details = get_objects_for_user(current_user, "core.delete_task", qs=qs).delete()
As you can see, this needs to determine who the current user is, and you can't build the queryset in one go by using chaining.
with_perm chainable call on all querysets for Pulp objects. It could be used like this:
Updated by gerrod almost 2 years ago
I think it should be mentioned that
with_perms will probably call
get_authenticated_user implicitly for the permission check. In that case we should probably create our own custom version that can be ran in tasks outside of a django view. Or we would need to make a rule to do all queryset permission checks inside a view before handing off to a task.