Allow HTMLRequest.batch to filter on other permissions than "View"

(e.g. on the new "Search" permission") by adding a "permission"
parameter. Thanks to Eli Collins for the patch. Closes issue2550699.

git-svn-id: http://svn.roundup-tracker.org/svnroot/roundup/roundup/trunk@4636 57a73879-2fb5-44c3-a270-3262357dd7e2

diff --git a/CHANGES.txt b/CHANGES.txt
index d2ff6953a67f6fc4455d2bb256d11da9836f7045..76f9b5efe1ece75efc3bfa57518243417823243b 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -12,6 +12,9 @@ Features:
 - PostgreSQL backend minor improvement: database creation less likely to fail
   for PostgreSQL versions >= 8.1 as the table "postgres" is used by default.
   Closes issue2550543. Thanks to Kai Storbeck for the patch. (Bernhard Reiter)
+- Allow HTMLRequest.batch to filter on other permissions than "View"
+  (e.g. on the new "Search" permission") by adding a "permission"
+  parameter. Thanks to Eli Collins for the patch. Closes issue2550699.
 
 Fixed:
 

diff --git a/roundup/cgi/templating.py b/roundup/cgi/templating.py
index 04cfd76ab6cb3689d59d7ebc108c8d0904f1c3d9..b0eaf022bc34120b2084c9bc433d5d39b7dd5e1a 100644 (file)
--- a/roundup/cgi/templating.py
+++ b/roundup/cgi/templating.py
@@ -2718,7 +2718,7 @@ function help_window(helpurl, width, height) {
 </script>
 """%self.base
 
-    def batch(self):
+    def batch(self, permission='View'):
         """ Return a batch object for results from the "current search"
         """
         check = self._client.db.security.hasPermission
@@ -2744,7 +2744,7 @@ function help_window(helpurl, width, height) {
 
         # filter for visibility
         l = [id for id in klass.filter(matches, filterspec, sort, group)
-            if check('View', userid, self.classname, itemid=id)]
+            if check(permission, userid, self.classname, itemid=id)]
 
         # return the batch object, using IDs only
         return Batch(self.client, l, self.pagesize, self.startwith,