I am implementing a search function that returns pages the user has access to via their groups. Pages have these settings set via the Wagtail admin page privacy settings when editing.
For example, a page could only be visible to users in the Editors group. So when a user NOT in the Editors group searches for this page it should be filtered out.
How would one efficiently filter pages not accessible by the user this way? I could not find any clear way to do this.
To answer my own question for search engine optimization purposes.
After studying the Wagtail source code I discovered Wagtail uses a PageViewRestriction model internally.
I ended up using this snippet to solve my issue:
from wagtail.core.models import Page, PageViewRestriction
def filter_pages(user):
pages = Page.objects.live()
# Unauthenticated users can only see public pages
if not user.is_authenticated:
pages = pages.public()
# Superusers can implicitly view all pages. No further filtering required
elif not user.is_superuser:
# Get all page ids where the user's groups do NOT have access to
disallowed_ids = PageViewRestriction.objects.exclude(groups__id=user.groups.all()).values_list("page", flat=True)
# Exclude all pages with disallowed ids
pages = pages.exclude(id__in=disallowed_ids)
return pages