From 7eac219eae6f1e8e92eb6371a8e3d0d6b57eb4ed Mon Sep 17 00:00:00 2001 From: AlanCoding Date: Tue, 14 Nov 2017 08:09:35 -0500 Subject: [PATCH] do not use expensive visible_roles for Act Stream filter --- awx/main/access.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/awx/main/access.py b/awx/main/access.py index 5d790cf560..9f907ac9d1 100644 --- a/awx/main/access.py +++ b/awx/main/access.py @@ -2243,7 +2243,7 @@ class ActivityStreamAccess(BaseAccess): Q(notification_template__organization__in=auditing_orgs) | Q(notification__notification_template__organization__in=auditing_orgs) | Q(label__organization__in=auditing_orgs) | - Q(role__in=Role.visible_roles(self.user) if auditing_orgs else []) + Q(role__in=Role.objects.filter(ancestors__in=self.user.roles.all()) if auditing_orgs else []) ).distinct() def can_add(self, data):