The memoization doesn't work when objects don't have a primary key.

2025-06-21 01:48:21 +02:00 · 2020-04-02 14:50:28 +02:00
parent 8ad464ae0c
commit be42801709
7 changed files with 28 additions and 14 deletions
--- a/apps/permission/permissions.py
+++ b/apps/permission/permissions.py
@ -44,7 +44,7 @@ class StrongDjangoObjectPermissions(DjangoObjectPermissions):

        perms = self.get_required_object_permissions(request.method, model_cls)
        # if not user.has_perms(perms, obj):
-        if not all(PermissionBackend().has_perm(user, perm, obj) for perm in perms):
+        if not all(PermissionBackend.check_perm(user, perm, obj) for perm in perms):
            # If the user does not have permissions we need to determine if
            # they have read permissions to see 403, or not, and simply see
            # a 404 response.