From e50ef873d248a61f80c3870e2bc8369c393f84a7 Mon Sep 17 00:00:00 2001
From: Mitchell Kotler <mitch@mitchellkotler.net>
Date: Thu, 23 Oct 2025 16:07:35 -0400
Subject: [PATCH] add permission filter

---
 .../templates/admin/dropdown_filter.html      | 27 +++++++++++++++++++
 documentcloud/users/admin.py                  | 23 ++++++++++++++++
 2 files changed, 50 insertions(+)
 create mode 100644 documentcloud/templates/admin/dropdown_filter.html

diff --git a/documentcloud/templates/admin/dropdown_filter.html b/documentcloud/templates/admin/dropdown_filter.html
new file mode 100644
index 00000000..406ffa3b
--- /dev/null
+++ b/documentcloud/templates/admin/dropdown_filter.html
@@ -0,0 +1,27 @@
+{% load i18n %}
+<div class="mb-4">
+<script type="text/javascript">var go_from_select = function(opt) { window.location = window.location.pathname + opt };</script>
+<h3 class="font-medium mb-2 text-gray-700 text-sm dark:text-gray-200">{% blocktrans with title as filter_title %} By {{ filter_title }} {% endblocktrans %}</h3>
+<ul class="admin-filter-{{ title|cut:' ' }}">
+{% if choices|slice:"1:" %}
+    <li class="font-medium rounded-md shadow-sm text-gray-500 text-sm focus:ring focus:ring-primary-300 focus:border-primary-600 focus:outline-none group-[.errors]:border-red-600 group-[.errors]:focus:ring-red-200 dark:bg-gray-900 dark:border-gray-700 dark:text-gray-400 dark:focus:border-primary-600 dark:focus:ring-primary-700 dark:focus:ring-opacity-50 dark:group-[.errors]:border-red-500 dark:group-[.errors]:focus:ring-red-600/40 w-full max-w-2xl">
+    <select
+        style="margin-bottom: 10px; height: 100%; width: 100%;"
+        class="select2 select2-container select2-container--admin-autocomplete"
+        onchange="go_from_select(this.options[this.selectedIndex].value)">
+    {% for choice in choices %}
+        <option{% if choice.selected %} selected="selected"{% endif %}
+         value="{{ choice.query_string|iriencode }}">{{ choice.display }}</option>
+    {% endfor %}
+    </select>
+    </li>
+{% else %}
+
+    {% for choice in choices %}
+            <li{% if choice.selected %} class="selected"{% endif %}>
+            <a href="{{ choice.query_string|iriencode }}">{{ choice.display }}</a></li>
+    {% endfor %}
+
+{% endif %}
+</ul>
+</div>
diff --git a/documentcloud/users/admin.py b/documentcloud/users/admin.py
index a92fb0cf..40cfe9c2 100644
--- a/documentcloud/users/admin.py
+++ b/documentcloud/users/admin.py
@@ -1,6 +1,9 @@
 # Django
 from django.conf import settings
 from django.contrib import admin
+from django.contrib.admin.filters import SimpleListFilter
+from django.contrib.auth.models import Permission
+from django.db.models.query_utils import Q
 from django.http.response import HttpResponse
 from django.urls.conf import re_path
 
@@ -14,10 +17,30 @@
 from documentcloud.users.models import User
 
 
+class PermissionFilter(SimpleListFilter):
+    """Filter for users by permission"""
+
+    title = "Permission"
+    parameter_name = "permission"
+    template = "admin/dropdown_filter.html"
+
+    def lookups(self, request, model_admin):
+        return Permission.objects.values_list("pk", "name")
+
+    def queryset(self, request, queryset):
+        return queryset.filter(
+            Q(user_permissions=self.value())
+            | Q(groups__permissions=self.value())
+            | Q(is_superuser=True)
+        ).distinct()
+
+
 @admin.register(User)
 class UserAdmin(SAUserAdmin):
     """User Admin"""
 
+    list_filter = SAUserAdmin.list_filter + (PermissionFilter,)
+
     def get_urls(self):
         """Add custom URLs here"""
         urls = super().get_urls()