From 14ec5e0610c79410af2ca0684a37c3e564dfbc26 Mon Sep 17 00:00:00 2001
From: Joey Chatelain <jchate6@gmail.com>
Date: Tue, 20 Aug 2024 16:00:57 -0700
Subject: [PATCH 1/2] update permission references

---
 docs/targets/target_fields.rst             | 9 +++++++++
 tom_dataproducts/api_views.py              | 3 ++-
 tom_dataproducts/views.py                  | 2 +-
 tom_observations/api_views.py              | 2 +-
 tom_observations/views.py                  | 4 ++--
 tom_targets/templatetags/targets_extras.py | 4 ++--
 6 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/docs/targets/target_fields.rst b/docs/targets/target_fields.rst
index 34f7552e8..4d65fc6d1 100644
--- a/docs/targets/target_fields.rst
+++ b/docs/targets/target_fields.rst
@@ -172,6 +172,8 @@ Create a new file in your custom app called ``management/commands/convert_target
 
     from django.core.management.base import BaseCommand
 
+    from guardian.models import GroupObjectPermission, UserObjectPermission
+
     from tom_targets.base_models import BaseTarget
     from tom_targets.models import Target
 
@@ -198,6 +200,13 @@ Create a new file in your custom app called ``management/commands/convert_target
                         target = Target(basetarget_ptr_id=base_target.pk)  # Create a new target with the base_target PK
                         target.__dict__.update(base_target.__dict__)  # add base_target fields to target dictionary
                         target.save()
+                        # re-add permissions for existing users and groups
+                        group_set = set(gop.group for gop in GroupObjectPermission.objects.filter(object_pk=target.pk))
+                        user_set = set(uop.user for uop in UserObjectPermission.objects.filter(object_pk=target.pk))
+                        for group in group_set:
+                            target.give_user_access(group)
+                        for user in user_set:
+                            target.give_user_access(user)
                 self.stdout.write(f'{Target.objects.count()} Targets updated.')
 
             return
diff --git a/tom_dataproducts/api_views.py b/tom_dataproducts/api_views.py
index 5661098b8..fb2ce4358 100644
--- a/tom_dataproducts/api_views.py
+++ b/tom_dataproducts/api_views.py
@@ -13,6 +13,7 @@
 from tom_dataproducts.filters import DataProductFilter
 from tom_dataproducts.models import DataProduct, ReducedDatum
 from tom_dataproducts.serializers import DataProductSerializer, ReducedDatumSerializer
+from tom_targets.models import Target
 
 
 class DataProductViewSet(CreateModelMixin, DestroyModelMixin, ListModelMixin, GenericViewSet, PermissionListMixin):
@@ -65,7 +66,7 @@ def get_queryset(self):
         """
         if settings.TARGET_PERMISSIONS_ONLY:
             return super().get_queryset().filter(
-                target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
+                target__in=get_objects_for_user(self.request.user, f'{Target._meta.app_label}.view_target')
             )
         else:
             return get_objects_for_user(self.request.user, 'tom_dataproducts.view_dataproduct')
diff --git a/tom_dataproducts/views.py b/tom_dataproducts/views.py
index 94abcb3e1..d5787ea73 100644
--- a/tom_dataproducts/views.py
+++ b/tom_dataproducts/views.py
@@ -329,7 +329,7 @@ def get_queryset(self):
         """
         if settings.TARGET_PERMISSIONS_ONLY:
             return super().get_queryset().filter(
-                target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
+                target__in=get_objects_for_user(self.request.user, f'{Target._meta.app_label}.view_target')
             )
         else:
             return get_objects_for_user(self.request.user, 'tom_dataproducts.view_dataproduct')
diff --git a/tom_observations/api_views.py b/tom_observations/api_views.py
index 558bbda2a..7d4e5a32f 100644
--- a/tom_observations/api_views.py
+++ b/tom_observations/api_views.py
@@ -62,7 +62,7 @@ def get_queryset(self):
             # Though it's next to impossible for a user to observe a target they don't have permission to view, this
             # queryset ensures that such an edge case is covered.
             return super().get_queryset().filter(
-                Q(target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')) |
+                Q(target__in=get_objects_for_user(self.request.user, f'{Target._meta.app_label}.view_target')) |
                 Q(user=self.request.user.id)
             )
         else:
diff --git a/tom_observations/views.py b/tom_observations/views.py
index 6f1f7ba7d..09a830030 100644
--- a/tom_observations/views.py
+++ b/tom_observations/views.py
@@ -75,7 +75,7 @@ def get_queryset(self, *args, **kwargs):
         """
         if settings.TARGET_PERMISSIONS_ONLY:
             return ObservationRecord.objects.filter(
-                target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
+                target__in=get_objects_for_user(self.request.user, f'{Target._meta.app_label}.view_target')
             )
         else:
             return get_objects_for_user(self.request.user, 'tom_observations.view_observationrecord')
@@ -493,7 +493,7 @@ def get_queryset(self, *args, **kwargs):
         """
         if settings.TARGET_PERMISSIONS_ONLY:
             return ObservationRecord.objects.filter(
-                target__in=get_objects_for_user(self.request.user, 'tom_targets.view_target')
+                target__in=get_objects_for_user(self.request.user, f'{Target._meta.app_label}.view_target')
             )
         else:
             return get_objects_for_user(self.request.user, 'tom_observations.view_observationrecord')
diff --git a/tom_targets/templatetags/targets_extras.py b/tom_targets/templatetags/targets_extras.py
index 1bca548c2..31b87c2cf 100644
--- a/tom_targets/templatetags/targets_extras.py
+++ b/tom_targets/templatetags/targets_extras.py
@@ -30,7 +30,7 @@ def recent_targets(context, limit=10):
     Displays a list of the most recently created targets in the TOM up to the given limit, or 10 if not specified.
     """
     user = context['request'].user
-    return {'targets': get_objects_for_user(user, 'tom_targets.view_target').order_by('-created')[:limit]}
+    return {'targets': get_objects_for_user(user, f'{Target._meta.app_label}.view_target').order_by('-created')[:limit]}
 
 
 @register.inclusion_tag('tom_targets/partials/recently_updated_targets.html', takes_context=True)
@@ -39,7 +39,7 @@ def recently_updated_targets(context, limit=10):
     Displays a list of the most recently updated targets in the TOM up to the given limit, or 10 if not specified.
     """
     user = context['request'].user
-    return {'targets': get_objects_for_user(user, 'tom_targets.view_target').order_by('-modified')[:limit]}
+    return {'targets': get_objects_for_user(user, f'{Target._meta.app_label}.view_target').order_by('-modified')[:limit]}
 
 
 @register.inclusion_tag('tom_targets/partials/target_feature.html')

From 9ab441e836bd76fa9e36ac291d8286b7d282ec2a Mon Sep 17 00:00:00 2001
From: Joey Chatelain <jchate6@gmail.com>
Date: Tue, 20 Aug 2024 16:44:50 -0700
Subject: [PATCH 2/2] fix line length

---
 tom_targets/templatetags/targets_extras.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tom_targets/templatetags/targets_extras.py b/tom_targets/templatetags/targets_extras.py
index 31b87c2cf..1ca091dad 100644
--- a/tom_targets/templatetags/targets_extras.py
+++ b/tom_targets/templatetags/targets_extras.py
@@ -39,7 +39,8 @@ def recently_updated_targets(context, limit=10):
     Displays a list of the most recently updated targets in the TOM up to the given limit, or 10 if not specified.
     """
     user = context['request'].user
-    return {'targets': get_objects_for_user(user, f'{Target._meta.app_label}.view_target').order_by('-modified')[:limit]}
+    return {'targets': get_objects_for_user(user,
+                                            f'{Target._meta.app_label}.view_target').order_by('-modified')[:limit]}
 
 
 @register.inclusion_tag('tom_targets/partials/target_feature.html')