diff options
author | Leif Johansson <leifj@sunet.se> | 2011-04-07 00:01:07 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-04-07 00:01:07 +0200 |
commit | 83d4517f3341d7c411b0456ce7de1bd7deb0b679 (patch) | |
tree | 7dafec6d561ce9946397d7d09c9e76634623379e | |
parent | a772604ef6e6e6406c6005be31149c4696b1e719 (diff) |
use filter better later
-rw-r--r-- | src/django_co_connector/models.py | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/src/django_co_connector/models.py b/src/django_co_connector/models.py index c21bdfd..5832b88 100644 --- a/src/django_co_connector/models.py +++ b/src/django_co_connector/models.py @@ -53,11 +53,9 @@ def deny(object,group,permission): def can(object,user,permission): if not hasattr(object,'acl'): raise Exception,"no acl property" - - for ace in object.acl: - if ace.permission == permission and not ace.group: - return True - if ace.permission == permission and ace.group in user.groups: + # XXX use more sql here + for ace in object.acl.filter(permission=permission): + if not ace.group or ace.group in user.groups: return True return False |