--- a/hooks/security.py	Thu Apr 29 07:03:08 2010 +0200
+++ b/hooks/security.py	Fri Apr 30 16:39:50 2010 +0200
@@ -53,8 +53,12 @@
 class _CheckEntityPermissionOp(hook.LateOperation):
     def precommit_event(self):
         #print 'CheckEntityPermissionOp', self.session.user, self.entity, self.action
-        self.entity.check_perm(self.action)
-        check_entity_attributes(self.session, self.entity, self.editedattrs)
+        session = self.session
+        for values in session.transaction_data['check_entity_perm_op']:
+            entity = session.entity_from_eid(values[0])
+            action = values[1]
+        entity.check_perm(action)
+        check_entity_attributes(session, entity, values[2:])
 
     def commit_event(self):
         pass
@@ -89,9 +93,9 @@
     events = ('after_add_entity',)
 
     def __call__(self):
-        _CheckEntityPermissionOp(self._cw, entity=self.entity,
-                                 editedattrs=tuple(self.entity.edited_attributes),
-                                 action='add')
+        hook.set_operation(self._cw, 'check_entity_perm_op',
+                           (self.entity.eid, 'add') + tuple(self.entity.edited_attributes),
+                           _CheckEntityPermissionOp)
 
 
 class AfterUpdateEntitySecurityHook(SecurityHook):
@@ -108,9 +112,9 @@
             # save back editedattrs in case the entity is reedited later in the
             # same transaction, which will lead to edited_attributes being
             # overwritten
-            _CheckEntityPermissionOp(self._cw, entity=self.entity,
-                                     editedattrs=tuple(self.entity.edited_attributes),
-                                     action='update')
+            hook.set_operation(self._cw, 'check_entity_perm_op',
+                               (self.entity.eid, 'update') + tuple(self.entity.edited_attributes),
+                               _CheckEntityPermissionOp)
 
 
 class BeforeDelEntitySecurityHook(SecurityHook):