1👍
✅
It is expensive computationally to do this for every user. Imagine if you had hundreds of thousands of them. In the docs:
Limitations of object level permissions
For performance reasons the generic views will not automatically apply
object level permissions to each instance in a queryset when returning
a list of objects.Often when you’re using object level permissions you’ll also want to
filter the queryset appropriately, to ensure that users only have
visibility onto instances that they are permitted to view.
A work around is probably just to override the list view and use .filter(profile_status__exact='public'
Source:stackexchange.com