You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The relation between documents, one restricted, one not restricted is still visible on the frontsite, while the point of having the restricted document was to hide it from the patrons.
Expected behavior
We should filter out the restricted documents to be visible in the relation fields
Possible implementation
Currently, the restricted field is only taken into account when searching for documents, and not in relations.
Change relations_metadata to add the restricted field along with the doc title, etc..., at least when True
Change the document serializer to remove the on-the-fly the relation to the restricted document if the user is not authorized
Change the search filter in the backend to exclude the search in relations_metadata.document when relations_metadata.document.restricted: True and the user is not authorized
The text was updated successfully, but these errors were encountered:
Package version (if known): v1.0.0a27
Describe the bug
The relation between documents, one restricted, one not restricted is still visible on the frontsite, while the point of having the restricted document was to hide it from the patrons.
Expected behavior
We should filter out the restricted documents to be visible in the relation fields
Possible implementation
Currently, the
restricted
field is only taken into account when searching for documents, and not in relations.relations_metadata
to add therestricted
field along with the doctitle
, etc..., at least whenTrue
relations_metadata.document
whenrelations_metadata.document.restricted: True
and the user is not authorizedThe text was updated successfully, but these errors were encountered: