fix role & role pernissions for user

2025-08-07 13:16:10 +03:30
parent fe6417b1c3
commit bc8c884678
2 changed files with 21 additions and 21 deletions
--- a/apps/authorization/api/v1/serializers.py
+++ b/apps/authorization/api/v1/serializers.py
@@ -139,17 +139,17 @@ class UserRelationSerializer(serializers.ModelSerializer):
                # set permissions by a default structure like:
                # 'page permission':[element permissions]
                permissions = instance.permissions.filter(is_active=True)
-                representation['permissions'] = PermissionSerializer().permissions_structure_output(permissions)
+                representation['permissions'] = (
+                    PermissionSerializer().permissions_structure_output(permissions) +
+                    PermissionSerializer().permissions_structure_output(instance.role.permissions.all())
+                )
+
        return representation

    def update(self, instance, validated_data):
        """ update user relation object """

-        # if role of user changed, clear all permissions and set new role permissions for user
-        if not instance.role == validated_data.get('role', instance.role):
        instance.role = validated_data.get('role', instance.role)
-            instance.permissions.clear()
-            instance.permissions.add(*instance.role.permissions.all())

        instance.organization = validated_data.get('organization', instance.organization)
        instance.save()
--- a/apps/authorization/signals.py
+++ b/apps/authorization/signals.py
@@ -4,21 +4,21 @@ from django.db.models.signals import post_save, post_delete
 from django.dispatch import receiver


-@receiver([post_save], sender=UserRelations)
-def sync_role_permissions(sender, instance, **kwargs):
-    """ add role permissions to user relation permissions in is null """
-
-    # if _from_signal=True prevent from maximum recursion loop
-    if getattr(instance, '_from_signal', False):
-        return
-
-    if instance.role:
-        permissions = instance.role.permissions.all()
-    if not instance.permissions.exists():
-        instance.permissions.add(*permissions)  # noqa
-
-    instance._from_signal = True
-    instance.save()
+# @receiver([post_save], sender=UserRelations)
+# def sync_role_permissions(sender, instance, **kwargs):
+#     """ add role permissions to user relation permissions in is null """
+#
+#     # if _from_signal=True prevent from maximum recursion loop
+#     if getattr(instance, '_from_signal', False):
+#         return
+#
+#     if instance.role:
+#         permissions = instance.role.permissions.all()
+#     if not instance.permissions.exists():
+#         instance.permissions.add(*permissions)  # noqa
+#
+#     instance._from_signal = True
+#     instance.save()