taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Restoring Members filter backend for users endpoint

remotes/origin/enhancement/email-actions
Jesús Espino 2014-08-14 10:49:35 +02:00
parent 2e21db3553
commit ec2a9b17ec
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
taiga/users/api.py
View File

@ -50,7 +50,7 @@ class MembersFilterBackend(BaseFilterBackend):
if project_id: if project_id:
Project = get_model('projects', 'Project') Project = get_model('projects', 'Project')
project = get_object_or_404(Project, pk=project_id) project = get_object_or_404(Project, pk=project_id)
if project.memberships.filter(user=request.user).exists() or project.owner ==request.user: if project.memberships.filter(user=request.user).exists() or project.owner == request.user:
return queryset.filter(Q(memberships__project=project) | Q(id=project.owner.id)).distinct() return queryset.filter(Q(memberships__project=project) | Q(id=project.owner.id)).distinct()
else: else:
raise exc.PermissionDenied(_("You don't have permisions to see this project users.")) raise exc.PermissionDenied(_("You don't have permisions to see this project users."))
@ -65,6 +65,7 @@ class UsersViewSet(ModelCrudViewSet):
permission_classes = (permissions.UserPermission,) permission_classes = (permissions.UserPermission,)
serializer_class = serializers.UserSerializer serializer_class = serializers.UserSerializer
queryset = models.User.objects.all() queryset = models.User.objects.all()
filter_backends = (MembersFilterBackend,)
def pre_conditions_on_save(self, obj): def pre_conditions_on_save(self, obj):
if self.request.user.is_superuser: if self.request.user.is_superuser: