ellmetha · franga2000 · Mar 10, 2025 · Mar 10, 2025
diff --git a/machina/apps/forum_permission/checker.py b/machina/apps/forum_permission/checker.py
@@ -184,7 +184,7 @@ def get_perms_for_forumlist(self, forums, perm_codenames=None):
                     # - not set to non-granted on global-user level
                     # - and not set to non-granted on forum-group level
                     # - and not set to non-granted on forum-user level
-                    globally_granted_group_perms = list(
+                    forum_globally_granted_group_perms = list(
                         filter(lambda p: p.has_perm and p.forum_id is None and
                                p.permission_id not in
                                [q.permission_id for q in globally_nongranted_user_perms] and
@@ -195,14 +195,14 @@ def get_perms_for_forumlist(self, forums, perm_codenames=None):
                                globally_granted_group_perms)
                     )
                     globally_granted_group_permcodes = [
-                        p.permission.codename for p in globally_granted_group_perms
+                        p.permission.codename for p in forum_globally_granted_group_perms
                     ]
 
                     # Filter the globally non granted group perms to those that were:
                     # - not set to granted on global- user level
                     # - and not set to granted on forum-group level
                     # - and not set to granted on forum-user level
-                    globally_nongranted_group_perms = list(
+                    forum_globally_nongranted_group_perms = list(
                         filter(lambda p: not p.has_perm and p.forum_id is None and
                                p.permission_id not in
                                [q.permission_id for q in globally_granted_user_perms] and
@@ -251,22 +251,22 @@ def get_perms_for_forumlist(self, forums, perm_codenames=None):
                 # - and not set to non-granted on global-group level
                 # - and not set to non-granted on forum-group level
                 # - and not set to non-granted on forum-user level
-                globally_granted_all_users_perms = list(
+                forum_globally_granted_all_users_perms = list(
                     filter(lambda p: p.has_perm and p.forum_id is None and
                            p.permission_id not in
                            [y.permission_id for y in per_forum_nongranted_all_users_perms] and
                            p.permission_id not in
                            [q.permission_id for q in globally_nongranted_user_perms] and
                            p.permission_id not in
-                           [a.permission_id for a in globally_nongranted_group_perms] and
+                           [a.permission_id for a in forum_globally_nongranted_group_perms] and
                            p.permission_id not in
                            [x.permission_id for x in per_forum_nongranted_group_perms] and
                            p.permission_id not in
                            [z.permission_id for z in per_forum_nongranted_user_perms],
                            globally_granted_all_users_perms)
                 )
                 globally_granted_all_users_permcodes = [
-                    p.permission.codename for p in globally_granted_all_users_perms
+                    p.permission.codename for p in forum_globally_granted_all_users_perms
                 ]
                 granted_all_users_permcodes = set(globally_granted_all_users_permcodes +
                                                   per_forum_granted_all_users_permcodes)

diff --git a/tests/unit/apps/forum_permission/test_checker.py b/tests/unit/apps/forum_permission/test_checker.py
@@ -216,3 +216,31 @@ def test_knows_that_granted_permissions_should_take_precedence_over_the_same_non
         checker = ForumPermissionChecker(user)
         # Run & check
         assert checker.has_perm('can_read_forum', self.forum)
+
+    def test_readable_forums_order_independent(self):
+        PERM = 'can_read_forum'
+        # Setup
+        user = UserFactory.create()
+        group = GroupFactory.create()
+        user.groups.add(group)
+
+        # All forums are visible to everyone, except one is hidden from this group
+        public1 = create_forum(name="Public 1")
+        public2 = create_forum(name="Public 2")
+        private = create_forum(name="Private")
+        assign_perm(PERM, ALL_AUTHENTICATED_USERS, None, has_perm=True)
+        assign_perm(PERM, group, private, has_perm=False)
+
+        checker = ForumPermissionChecker(user)
+
+        # Test with public forum in the end
+        perms = checker.get_perms_for_forumlist([public1, public2, private], [PERM, ])
+        assert PERM in perms[public1]
+        assert PERM in perms[public2]
+        assert PERM not in perms[private]
+
+        # Test with private forum in the middle
+        perms = checker.get_perms_for_forumlist([public1, private, public2], [PERM, ])
+        assert PERM in perms[public1]
+        assert PERM in perms[public2]
+        assert PERM not in perms[private]