From bc13129e3b343be7d56cee3b6f5367ed53b49431 Mon Sep 17 00:00:00 2001
From: Roberto Rosario <roberto.rosario.gonzalez@gmail.com>
Date: Tue, 14 Oct 2014 04:00:14 -0400
Subject: [PATCH] Close issue #77, add document view permission to the search
 app

---
 mayan/apps/documents/__init__.py       |  2 +-
 mayan/apps/dynamic_search/api_views.py |  3 ++
 mayan/apps/dynamic_search/classes.py   |  3 +-
 mayan/apps/dynamic_search/views.py     | 44 ++++++++++++++------------
 4 files changed, 30 insertions(+), 22 deletions(-)

diff --git a/mayan/apps/documents/__init__.py b/mayan/apps/documents/__init__.py
index bf4d916eee..7fcb1e35cd 100644
--- a/mayan/apps/documents/__init__.py
+++ b/mayan/apps/documents/__init__.py
@@ -142,7 +142,7 @@ class_permissions(Document, [PERMISSION_DOCUMENT_DELETE,
                              PERMISSION_DOCUMENT_VIEW,
                              PERMISSION_HISTORY_VIEW])
 
-document_search = SearchModel('documents', 'Document', serializer=DocumentSerializer)
+document_search = SearchModel('documents', 'Document', permission=PERMISSION_DOCUMENT_VIEW, serializer=DocumentSerializer)
 document_search.add_model_field('document_type__name', label=_(u'Document type'))
 
 # TODO: move these to their respective apps
diff --git a/mayan/apps/dynamic_search/api_views.py b/mayan/apps/dynamic_search/api_views.py
index 3b91a2dff9..4fe2a6f099 100644
--- a/mayan/apps/dynamic_search/api_views.py
+++ b/mayan/apps/dynamic_search/api_views.py
@@ -44,9 +44,12 @@ class APISearchView(generics.ListAPIView):
     q -- Term that will be used for the search.
     """
 
+    filter_backends = (MayanObjectPermissionsFilter,)
+
     def get_queryset(self):
         document_search = SearchModel.get('documents.Document')
         self.serializer_class = document_search.serializer
+        self.mayan_object_permissions = {'GET': [document_search.permission]}
 
         if 'q' in self.request.GET:
             # Simple query
diff --git a/mayan/apps/dynamic_search/classes.py b/mayan/apps/dynamic_search/classes.py
index 886895c14c..bbdc40232a 100644
--- a/mayan/apps/dynamic_search/classes.py
+++ b/mayan/apps/dynamic_search/classes.py
@@ -23,13 +23,14 @@ class SearchModel(object):
     def get(cls, full_name):
         return cls.registry[full_name]
 
-    def __init__(self, app_label, model_name, serializer, label=None):
+    def __init__(self, app_label, model_name, serializer, label=None, permission=None):
         self.app_label = app_label
         self.model_name = model_name
         self.search_fields = {}
         self.model = get_model(app_label, model_name)
         self.label = label or self.model._meta.verbose_name
         self.serializer = serializer
+        self.permission = permission
         self.__class__.registry[self.get_full_name()] = self
 
     def get_full_name(self):
diff --git a/mayan/apps/dynamic_search/views.py b/mayan/apps/dynamic_search/views.py
index 07ca6448fb..fcf68677bd 100644
--- a/mayan/apps/dynamic_search/views.py
+++ b/mayan/apps/dynamic_search/views.py
@@ -3,12 +3,16 @@ from __future__ import absolute_import
 import logging
 import urlparse
 
+from django.core.exceptions import PermissionDenied
 from django.core.urlresolvers import reverse
 from django.http import HttpResponseRedirect
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.utils.translation import ugettext_lazy as _
 
+from acls.models import AccessEntry
+from permissions.models import Permission
+
 from .classes import SearchModel
 from .forms import SearchForm, AdvancedSearchForm
 from .models import RecentSearch
@@ -40,6 +44,12 @@ def results(request, extra_context=None):
             logger.debug('advanced search')
             queryset, ids, timedelta = document_search.advanced_search(request.GET)
 
+        if document_search.permission:
+            try:
+                Permission.objects.check_permissions(request.user, [document_search.permission])
+            except PermissionDenied:
+                queryset = AccessEntry.objects.filter_objects_by_access(document_search.permission, request.user, queryset)
+
         # Update the context with the search results
         context.update({
             'object_list': queryset,
@@ -77,27 +87,21 @@ def search(request, advanced=False):
             }, context_instance=RequestContext(request)
         )
     else:
-        if request.GET.get('source') != 'sidebar':
-            # Don't include a form a top of the results if the search
-            # was originated from the sidebar search form
-            extra_context = {
-                'submit_label': _(u'Search'),
-                'submit_icon_famfam': 'zoom',
-                'form_title': _(u'Search'),
-                'form_hide_required_text': True,
-            }
-            if ('q' in request.GET) and request.GET['q'].strip():
-                query_string = request.GET['q']
-                form = SearchForm(initial={'q': query_string})
-                extra_context.update({'form': form})
-                return results(request, extra_context=extra_context)
-            else:
-                form = SearchForm()
-                extra_context.update({'form': form})
-                return results(request, extra_context=extra_context)
+        extra_context = {
+            'submit_label': _(u'Search'),
+            'submit_icon_famfam': 'zoom',
+            'form_title': _(u'Search'),
+            'form_hide_required_text': True,
+        }
+        if ('q' in request.GET) and request.GET['q'].strip():
+            query_string = request.GET['q']
+            form = SearchForm(initial={'q': query_string})
+            extra_context.update({'form': form})
+            return results(request, extra_context=extra_context)
         else:
-            # Already has a form with data, go to results
-            return results(request)
+            form = SearchForm()
+            extra_context.update({'form': form})
+            return results(request, extra_context=extra_context)
 
 
 def search_again(request):