Otimiza as verificacoes de permissoes

8 years ago · bedcd21f7c
1 changed files with 28 additions and 32 deletions
--- a/sapl/materia/views.py
+++ b/sapl/materia/views.py
@ -439,7 +439,9 @@ class ProposicaoCrud(Crud):

        def has_permission(self):
            perms = self.get_permission_required()
-            if self.request.user.has_perms(perms):
+            if not self.request.user.has_perms(perms):
+                return False
+
            if (Proposicao.objects.filter(
               id=self.kwargs['pk'],
               autor__user_id=self.request.user.id).exists()):
@ -454,23 +456,19 @@ class ProposicaoCrud(Crud):
                            'Não pode mais ser editada')
                    messages.add_message(self.request, messages.ERROR, msg)
                    return False
-            else:
-                return False

    class DetailView(PermissionRequiredMixin, CrudDetailView):
        permission_required = permissoes_autor()

        def has_permission(self):
            perms = self.get_permission_required()
-            if self.request.user.has_perms(perms):
-                if (Proposicao.objects.filter(
-                   id=self.kwargs['pk'],
-                   autor__user_id=self.request.user.id).exists()):
-                    return True
-                else:
+            if not self.request.user.has_perms(perms):
                return False
+
            else:
-                return False
+                return (Proposicao.objects.filter(
+                    id=self.kwargs['pk'],
+                    autor__user_id=self.request.user.id).exists())

    class ListView(PermissionRequiredMixin, CrudListView):
        ordering = ['-data_envio', 'descricao']
@ -507,15 +505,13 @@ class ProposicaoCrud(Crud):

        def has_permission(self):
            perms = self.get_permission_required()
-            if self.request.user.has_perms(perms):
-                if (Proposicao.objects.filter(
-                   id=self.kwargs['pk'],
-                   autor__user_id=self.request.user.id).exists()):
-                    return True
-                else:
+            if not self.request.user.has_perms(perms):
                return False
+
            else:
-                return False
+                return (Proposicao.objects.filter(
+                    id=self.kwargs['pk'],
+                    autor__user_id=self.request.user.id).exists())

        def delete(self, request, *args, **kwargs):
            proposicao = Proposicao.objects.get(id=self.kwargs['pk'])