1 files changed, 19 insertions, 11 deletions

diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index ac29236ff..79e816bcb 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -167,21 +167,27 @@ def check_permission(request, action_slug, obj_id=None):
         # TODO
         return True
     if obj_id:
-        return menu.items[action_slug].is_available(request.user, obj_id)
-    return menu.items[action_slug].can_be_available(request.user)
+        return menu.items[action_slug].is_available(request.user, obj_id,
+                                                    session=request.session)
+    return menu.items[action_slug].can_be_available(request.user,
+                                                    session=request.session)
 
 
-def autocomplete_person_permissive(request, person_types=None, attached_to=None,
-                                   is_ishtar_user=None):
-    return autocomplete_person(request, person_types=person_types, attached_to=attached_to,
-                               is_ishtar_user=is_ishtar_user, permissive=True)
+def autocomplete_person_permissive(request, person_types=None,
+                                   attached_to=None, is_ishtar_user=None):
+    return autocomplete_person(
+        request, person_types=person_types, attached_to=attached_to,
+        is_ishtar_user=is_ishtar_user, permissive=True)
 
 
 def autocomplete_person(request, person_types=None, attached_to=None,
                         is_ishtar_user=None, permissive=False):
-    if not request.user.has_perm('ishtar_common.view_person', models.Person) and \
-       not request.user.has_perm('ishtar_common.view_own_person', models.Person) \
-       and not request.user.ishtaruser.has_right('person_search'):
+    if not request.user.has_perm('ishtar_common.view_person',
+                                 models.Person) and \
+       not request.user.has_perm('ishtar_common.view_own_person',
+                                 models.Person) \
+       and not request.user.ishtaruser.has_right('person_search',
+                                                 session=request.session):
         return HttpResponse(mimetype='text/plain')
     if not request.GET.get('term'):
         return HttpResponse(mimetype='text/plain')
@@ -325,7 +331,8 @@ def get_item(model, func_name, default_name, extra_request_keys=[],
                 continue
             if request.user.has_perm(model._meta.app_label + '.' + perm) \
                     or (request.user.is_authenticated()
-                        and request.user.ishtaruser.has_right(perm)):
+                        and request.user.ishtaruser.has_right(
+                            perm, session=request.session)):
                 allowed = True
                 if "_own_" not in perm:
                     own = False
@@ -760,7 +767,8 @@ def autocomplete_organization(request, orga_type=None):
         models.Organization) and
         not request.user.has_perm('ishtar_common.view_own_organization',
                                   models.Organization)
-       and not request.user.ishtaruser.has_right('person_search')):
+       and not request.user.ishtaruser.has_right(
+            'person_search', session=request.session)):
         return HttpResponse(mimetype='text/plain')
     if not request.GET.get('term'):
         return HttpResponse(mimetype='text/plain')