An error occurs when trying to apply permission checks using the HasRetvalPerm extension on a paginated list of items. Specifically, the system throws a TypeError when permissions are enforced on a queryset that has already been sliced for pagination.
Error Details
Error Message: TypeError: Cannot filter a query once a slice has been taken.
Context: The error arises when using the HasRetvalPerm extension for permission checks on a paginated queryset.
Example
The issue is encountered with the following setup:
Django's ORM does not allow further modifications (such as filtering for permissions) on a queryset after it has been sliced for pagination. This Django limitation conflicts with the intended use of the HasRetvalPerm extension in a paginated context.
Conclusion
We likely need to adjust the order in which the HasRetvalPerm extension and pagination are applied to ensure that permission checks on the queryset occur prior to pagination.
System Information
Operating system: OSX
Strawberry version (if applicable): 0.30
Upvote & Fund
We're using Polar.sh so you can upvote and help fund this issue.
We receive the funding once the issue is completed & confirmed by you.
Thank you in advance for helping prioritize & fund our backlog.
Summary
An error occurs when trying to apply permission checks using the
HasRetvalPerm
extension on a paginated list of items. Specifically, the system throws aTypeError
when permissions are enforced on a queryset that has already been sliced for pagination.Error Details
TypeError: Cannot filter a query once a slice has been taken.
Example
The issue is encountered with the following setup:
Workaround Implemented
A temporary solution involves overriding the
get_queryset
method in the type definition to enforce permissions before pagination:Root Cause
Django's ORM does not allow further modifications (such as filtering for permissions) on a queryset after it has been sliced for pagination. This Django limitation conflicts with the intended use of the HasRetvalPerm extension in a paginated context.
Conclusion
We likely need to adjust the order in which the
HasRetvalPerm
extension and pagination are applied to ensure that permission checks on the queryset occur prior to pagination.System Information
Upvote & Fund