From c3f9638fbce862f1403630950badfb2d7db747c6 Mon Sep 17 00:00:00 2001
From: Christopher Byrd <chrabyrd@gmail.com>
Date: Wed, 22 Jan 2025 15:58:44 -0800
Subject: [PATCH 1/3] adds superuser escape hatch to has_perm #11743

---
 arches/app/permissions/arches_permission_base.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arches/app/permissions/arches_permission_base.py b/arches/app/permissions/arches_permission_base.py
index 3a289d30077..b466380ea56 100644
--- a/arches/app/permissions/arches_permission_base.py
+++ b/arches/app/permissions/arches_permission_base.py
@@ -624,6 +624,9 @@ def has_perm(self, user_obj: User, perm: str, obj: Model | None = None) -> bool:
             support, user_obj = check_support(user_obj, obj)
             if not support:
                 return False
+            
+            if user_obj.is_superuser:
+                return True
 
             if "." in perm:
                 app_label, perm = perm.split(".")

From 3029c03aafdf994a7f3e4eaf8cca4437f564478f Mon Sep 17 00:00:00 2001
From: Christopher Byrd <chrabyrd@gmail.com>
Date: Wed, 22 Jan 2025 16:06:33 -0800
Subject: [PATCH 2/3] nit #11743

---
 arches/app/permissions/arches_permission_base.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/arches/app/permissions/arches_permission_base.py b/arches/app/permissions/arches_permission_base.py
index b466380ea56..b38717332fe 100644
--- a/arches/app/permissions/arches_permission_base.py
+++ b/arches/app/permissions/arches_permission_base.py
@@ -624,9 +624,6 @@ def has_perm(self, user_obj: User, perm: str, obj: Model | None = None) -> bool:
             support, user_obj = check_support(user_obj, obj)
             if not support:
                 return False
-            
-            if user_obj.is_superuser:
-                return True
 
             if "." in perm:
                 app_label, perm = perm.split(".")
@@ -635,6 +632,9 @@ def has_perm(self, user_obj: User, perm: str, obj: Model | None = None) -> bool:
                         "Passed perm has app label of '%s' and "
                         "given obj has '%s'" % (app_label, obj._meta.app_label)
                     )
+            
+            if user_obj.is_superuser:
+                return True
 
             obj_checker: ObjectPermissionChecker = CachedObjectPermissionChecker(
                 user_obj, obj

From 703c290af15f999e90851f5deda5267fa1f40a36 Mon Sep 17 00:00:00 2001
From: Christopher Byrd <chrabyrd@gmail.com>
Date: Wed, 22 Jan 2025 16:14:20 -0800
Subject: [PATCH 3/3] nit #11743

---
 arches/app/permissions/arches_permission_base.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arches/app/permissions/arches_permission_base.py b/arches/app/permissions/arches_permission_base.py
index b38717332fe..23b128fbc1c 100644
--- a/arches/app/permissions/arches_permission_base.py
+++ b/arches/app/permissions/arches_permission_base.py
@@ -632,7 +632,7 @@ def has_perm(self, user_obj: User, perm: str, obj: Model | None = None) -> bool:
                         "Passed perm has app label of '%s' and "
                         "given obj has '%s'" % (app_label, obj._meta.app_label)
                     )
-            
+
             if user_obj.is_superuser:
                 return True