lgcosta/paperless-ngx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update model,index

Browse Source
This commit is contained in:
otxtan@gmail.com
2024-05-29 15:50:06 +07:00
parent 8a4f809d83
commit 89e14fd49b
4 changed files with 32 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/documents/index.py
View File

@@ -484,9 +484,10 @@ def get_permissions_criterias(user: Optional[User] = None):
if user is not None:
if user.is_superuser: # superusers see all docs
user_criterias = []
else:
user_criterias.append(query.Term("owner_id", user.id))
user_criterias.append(
query.Term("viewer_id", str(user.id)),
)
# else:
# user_criterias.append(query.Term("owner_id", user.id))
# user_criterias.append(
# query.Term("viewer_id", str(user.id)),
# )
user_criterias = []
return user_criterias

7
src/documents/models.py
View File

@@ -1018,6 +1018,13 @@ class WorkflowTrigger(models.Model):
verbose_name=_("has this correspondent"),
)
filter_has_group = models.ManyToManyField(
Group,
null=True,
blank=True,
verbose_name=_("has these groups"),
)
class Meta:
verbose_name = _("workflow trigger")
verbose_name_plural = _("workflow triggers")

16
src/documents/views.py
View File

@@ -562,12 +562,18 @@ class DocumentViewSet(
def thumb(self, request, pk=None):
try:
doc = Document.objects.get(id=pk)
if request.user is not None and not has_perms_owner_aware(
request.user,
"view_document",
doc,
):
# Allow all users to view thumbnails
if request.user is None:
return HttpResponseForbidden("Insufficient permissions")
# Original
# if request.user is not None and not has_perms_owner_aware(
# request.user,
# "view_document",
# doc,
# ):
# return HttpResponseForbidden("Insufficient permissions")
if doc.storage_type == Document.STORAGE_TYPE_GPG:
handle = GnuPG.decrypted(doc.thumbnail_file)
else: