mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-12-22 23:42:25 +00:00
With distinct permissions, we don't need to check ~ 100 000 permissions to check if someone can log in
This commit is contained in:
parent
c62b5f935a
commit
716232e27f
@ -36,7 +36,7 @@ class PermissionBackend(ModelBackend):
|
||||
# Unauthenticated users have no permissions
|
||||
return Permission.objects.none()
|
||||
|
||||
return Permission.objects.annotate(
|
||||
qs = Permission.objects.annotate(
|
||||
club=F("rolepermissions__role__membership__club"),
|
||||
membership=F("rolepermissions__role__membership"),
|
||||
).filter(
|
||||
@ -50,7 +50,13 @@ class PermissionBackend(ModelBackend):
|
||||
& Q(rolepermissions__role__membership__user=user)
|
||||
& Q(type=t)
|
||||
& Q(mask__rank__lte=get_current_session().get("permission_mask", 0))
|
||||
).distinct()
|
||||
)
|
||||
|
||||
try:
|
||||
qs = qs.distinct('pk', 'club')
|
||||
except: # SQLite doesn't support distinct fields.
|
||||
qs = qs.distinct()
|
||||
return qs
|
||||
|
||||
@staticmethod
|
||||
def permissions(user, model, type):
|
||||
|
Loading…
Reference in New Issue
Block a user