Search code examples
pythondjangopermissionsdjango-rest-frameworkdjango-cms

User page permissions updating only when server restarts with Django-CMS

Basically, I am having an issue where, I have a page using rest framework that edits user (I am using the default django user app) permissions by changing the groups or changes other minor infos like name and password. However, when I edit a group of a user, and only when I edit them, for some reason, the user permissions only changes when I restart the django server, allowing the user to view django cms pags that he should not see. After the server restarts all permissions works just fine.

I already tried to force the permissions to be refreshed like this:

for app in settings.INSTALLED_APPS:
    create_permissions(apps.get_app_config(app.split(".")[-1]))

but it didn't work.

I actually have no clue whatsoever what the cause of the issue is, so much that I am not sure what code I could put here, so in doubt I will post the rest user serializer:

# -*- coding: utf-8 -*-
from rest_framework import serializers
from django.contrib.auth.models import User


class UserSerializer(serializers.ModelSerializer):
    def __init__(self, *args, **kwargs):
        super(UserSerializer, self).__init__(*args, **kwargs)
        self.fields['username'].label = u"Usuário"
        self.fields['password'].label = u"Senha"
        self.fields['first_name'].label = u"Nome Completo"

    group_name = serializers.SerializerMethodField()

    def get_group_name(self, obj):
        return ", ".join(list(obj.groups.values_list('name',flat=True)))

    def create(self, validated_data):
        user = super(UserSerializer, self).create(validated_data)
        user.set_password(validated_data['password'])
        user.save()
        return user

    def update(self, instance, validated_data):
        user = super(UserSerializer, self).update(instance, validated_data)
        if "password" in validated_data:
            user.set_password(validated_data['password'])
        user.save()

        return user


    class Meta:
        model = User
        fields = [
            "id",
            "first_name",
            "username",
            "password",
            "group_name",
            "groups",
            "is_active",
        ]
Solution

  • So, the problem was a menu caching, and django CMS seems to be not so good with cache. So I simply disabled all cache, which, should've been disabled with the first line of the following code, but it only actually disabled adding a CMS_CACHE_DURATIONS in settings.py:

    CMS_PAGE_CACHE = CMS_PLACEHOLDER_CACHE = CMS_PLUGIN_CACHE = False
CMS_CACHE_DURATIONS={
    'menus': 0,
    'content': 0,
    'permissions': 0,
}