use filter better later

author: Leif Johansson <leifj@sunet.se> 2011-04-07 00:01:07 +0200
committer: Leif Johansson <leifj@sunet.se> 2011-04-07 00:01:07 +0200
commit: 83d4517f3341d7c411b0456ce7de1bd7deb0b679 (patch)
tree: 7dafec6d561ce9946397d7d09c9e76634623379e
parent: a772604ef6e6e6406c6005be31149c4696b1e719 (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/src/django_co_connector/models.py b/src/django_co_connector/models.py
index c21bdfd..5832b88 100644
--- a/src/django_co_connector/models.py
+++ b/src/django_co_connector/models.py
@@ -53,11 +53,9 @@ def deny(object,group,permission):
 def can(object,user,permission):
     if not hasattr(object,'acl'):
         raise Exception,"no acl property"
-        
-    for ace in object.acl:
-        if ace.permission == permission and not ace.group:
-            return True
-        if ace.permission == permission and ace.group in user.groups:
+    # XXX use more sql here
+    for ace in object.acl.filter(permission=permission):
+        if not ace.group or ace.group in user.groups:
             return True
             
     return False
author	Leif Johansson <leifj@sunet.se>	2011-04-07 00:01:07 +0200
committer	Leif Johansson <leifj@sunet.se>	2011-04-07 00:01:07 +0200
commit	83d4517f3341d7c411b0456ce7de1bd7deb0b679 (patch)
tree	7dafec6d561ce9946397d7d09c9e76634623379e
parent	a772604ef6e6e6406c6005be31149c4696b1e719 (diff)