Chore: fix set_permissions_for_object type (#11564)

2025-12-10 05:01:28 +00:00 · 2025-12-09 16:12:40 -08:00
parent 26975868a0
commit 128c3539d5
2 changed files with 10 additions and 9 deletions
--- a/src/documents/permissions.py
+++ b/src/documents/permissions.py
@@ -61,21 +61,22 @@ def get_groups_with_only_permission(obj, codename):
    return Group.objects.filter(id__in=group_object_perm_group_ids).distinct()
-def set_permissions_for_object(permissions: list[str], object, *, merge: bool = False):
+def set_permissions_for_object(permissions: dict, object, *, merge: bool = False):
    """
-    Set permissions for an object. The permissions are given as a list of strings
+    Set permissions for an object. The permissions are given as a mapping of actions
-    in the format "action_modelname", e.g. "view_document".
+    to a dict of user / group id lists, e.g.
    {"view": {"users": [1], "groups": [2]}, "change": {"users": [], "groups": []}}.
    If merge is True, the permissions are merged with the existing permissions and
    no users or groups are removed. If False, the permissions are set to exactly
    the given list of users and groups.
    """
-    for action in permissions:
+    for action, entry in permissions.items():
        permission = f"{action}_{object.__class__.__name__.lower()}"
-        if "users" in permissions[action]:
+        if "users" in entry:
            # users
-            users_to_add = User.objects.filter(id__in=permissions[action]["users"])
+            users_to_add = User.objects.filter(id__in=entry["users"])
            users_to_remove = (
                get_users_with_perms(
                    object,
@@ -100,9 +101,9 @@ def set_permissions_for_object(permissions: list[str], object, *, merge: bool =
                            user,
                            object,
                        )
-        if "groups" in permissions[action]:
+        if "groups" in entry:
            # groups
-            groups_to_add = Group.objects.filter(id__in=permissions[action]["groups"])
+            groups_to_add = Group.objects.filter(id__in=entry["groups"])
            groups_to_remove = (
                get_groups_with_only_permission(
                    object,
--- a/src/documents/tests/test_api_search.py
+++ b/src/documents/tests/test_api_search.py
@@ -1289,7 +1289,7 @@ class TestDocumentSearchApi(DirectoriesMixin, APITestCase):
                content_type__app_label="admin",
            ),
        )
-        set_permissions([4, 5], set_permissions=[], owner=user2, merge=False)
+        set_permissions([4, 5], set_permissions={}, owner=user2, merge=False)
        with index.open_index_writer() as writer:
            index.update_document(writer, d1)