From be4d0c6d065c01c04c7827f5b0ce256d950bde6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Espino?= Date: Thu, 12 Mar 2015 09:54:51 +0100 Subject: [PATCH] Fix MembersFilter of Users api, now filter correctly and filter by is_active --- taiga/base/filters.py | 9 ++++++--- .../resources_permissions/test_users_resources.py | 2 +- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/taiga/base/filters.py b/taiga/base/filters.py index a5d74112..43c0219b 100644 --- a/taiga/base/filters.py +++ b/taiga/base/filters.py @@ -238,7 +238,7 @@ class MembersFilterBackend(PermissionBasedFilterBackend): def filter_queryset(self, request, queryset, view): project_id = None project = None - qs = queryset + qs = queryset.filter(is_active=True) if "project" in request.QUERY_PARAMS: try: project_id = int(request.QUERY_PARAMS["project"]) @@ -262,8 +262,11 @@ class MembersFilterBackend(PermissionBasedFilterBackend): projects_list = [membership.project_id for membership in memberships_qs] - if project and not "view_project" in project.public_permissions: - qs = qs.none() + if project: + is_member = project.id in projects_list + has_project_public_view_permission = "view_project" in project.public_permissions + if not is_member and not has_project_public_view_permission: + qs = qs.none() qs = qs.filter(Q(memberships__project_id__in=projects_list) | Q(memberships__project__public_permissions__contains=[self.permission])| diff --git a/tests/integration/resources_permissions/test_users_resources.py b/tests/integration/resources_permissions/test_users_resources.py index f20eaab4..7e3f9659 100644 --- a/tests/integration/resources_permissions/test_users_resources.py +++ b/tests/integration/resources_permissions/test_users_resources.py @@ -115,7 +115,7 @@ def test_user_list(client, data): response = client.get(url) users_data = json.loads(response.content.decode('utf-8')) - assert len(users_data) == 6 + assert len(users_data) == 3 assert response.status_code == 200