Don't lose our prefetches when invoking guardian and fetch the custom field__field, which we actually use

2026-04-13 11:38:52 +00:00 · 2026-04-12 13:49:48 -07:00
4 changed files with 12 additions and 16 deletions
--- a/src/documents/consumer.py
+++ b/src/documents/consumer.py
@@ -650,10 +650,6 @@ class ConsumerPlugin(
                        # If we get here, it was successful. Proceed with post-consume
                        # hooks. If they fail, nothing will get changed.

-                        document = Document.objects.prefetch_related("versions").get(
-                            pk=document.pk,
-                        )
-
                        document_consumption_finished.send(
                            sender=self.__class__,
                            document=document,
--- a/src/documents/filters.py
+++ b/src/documents/filters.py
@@ -884,10 +884,16 @@ class ObjectOwnedOrGrantedPermissionsFilter(ObjectPermissionsFilter):
    """

    def filter_queryset(self, request, queryset, view):
+        # django-guardian's get_objects_for_user builds its own queryset
+        # internally and loses prefetch_related declarations.  Use its result
+        # as a subquery so we can filter the original queryset (which retains
+        # all prefetch hints) rather than returning guardian's queryset directly.
        objects_with_perms = super().filter_queryset(request, queryset, view)
-        objects_owned = queryset.filter(owner=request.user)
-        objects_unowned = queryset.filter(owner__isnull=True)
-        return objects_with_perms | objects_owned | objects_unowned
+        return queryset.filter(
+            Q(pk__in=objects_with_perms)
+            | Q(owner=request.user)
+            | Q(owner__isnull=True),
+        )


 class ObjectOwnedPermissionsFilter(ObjectPermissionsFilter):
--- a/src/documents/models.py
+++ b/src/documents/models.py
@@ -381,10 +381,7 @@ class Document(SoftDeleteModel, ModelWithOwner):  # type: ignore[django-manager-
            if isinstance(prefetched_cache, dict)
            else None
        )
-        if prefetched_versions is not None:
-            # Empty list means prefetch ran and found no versions — use own content.
-            if not prefetched_versions:
-                return self.content
+        if prefetched_versions:
            latest_prefetched = max(prefetched_versions, key=lambda doc: doc.id)
            return latest_prefetched.content

--- a/src/documents/views.py
+++ b/src/documents/views.py
@@ -919,7 +919,7 @@ class DocumentViewSet(
                    ),
                ),
                "tags",
-                "custom_fields",
+                "custom_fields__field",
                "notes",
            )
        )
@@ -1248,10 +1248,7 @@ class DocumentViewSet(
        ),
    )
    def suggestions(self, request, pk=None):
-        doc = get_object_or_404(
-            Document.objects.select_related("owner").prefetch_related("versions"),
-            pk=pk,
-        )
+        doc = get_object_or_404(Document.objects.select_related("owner"), pk=pk)
        if request.user is not None and not has_perms_owner_aware(
            request.user,
            "view_document",