How can I limit ModelAdmin queryset to user-editable items when using object permissions?

Question

I'm trying to implement Florian's object permissions system from his article on Django Advent, but I'm running into an issue trying to limit the queryset returned to only items the user has permission to edit/view. Florian mentions it in his section on wrapping the admin, but skips over it. I can't see a good way to filter the queryset. Am I missing something?

Answer 1

When you do this:

class ObjectPermission(models.Model):
    user = models.ForeignKey(User)
    can_view = models.BooleanField()
    can_change = models.BooleanField()
    can_delete = models.BooleanField()

    content_type = models.ForeignKey(ContentType)
    object_id = models.PositiveIntegerField()

you can filter your query set in this way (in your method queryset):

def queryset(self, request):
    qs = super(YourModelAdmin, self).queryset(request)
    op = ObjectPermission.objects.filter(user=request.user, can_change=True, content_type=ContentType.objects.get_for_model(YourModel)).values_list('object_id').distinct()
    qs = queryset.filter(id__in=[id[0] for id in op])
    return qs