Features: 1) Add "list" and "retrieve" to USER_SCOPED_ACTIONS; 2) Include new image asset evibes-big-simple.png;

Fixes: None; Extra: 1) Simplify queryset filtering logic for "list" and "retrieve" actions;
2025-05-29 22:56:19 +03:00 · 2025-05-29 22:56:19 +03:00 · 04656ea223
commit 04656ea223
parent 7b5585ea9f
2 changed files with 3 additions and 3 deletions
--- a/core/docs/images/evibes-big-simple.png
+++ b/core/docs/images/evibes-big-simple.png
--- a/core/permissions.py
+++ b/core/permissions.py
@ -36,6 +36,8 @@ class EvibesPermission(permissions.BasePermission):
    }

    USER_SCOPED_ACTIONS = {
+        "list",
+        "retrieve",
        "buy",
        "buy_unregistered",
        "current",
@ -107,9 +109,7 @@ class EvibesPermission(permissions.BasePermission):
                return queryset.filter(user=request.user)
            if view.action in ("list", "retrieve"):
                if request.user.has_perm(f"{app_label}.view_{model_name}"):
-                    if request.user.is_staff:
-                        return queryset
-                    return queryset.filter(user=request.user, is_active=True)
+                    return queryset
                return queryset.none()

            base = queryset.filter(is_active=True, user=request.user)