# HG changeset patch
# User sylvain.thenault@logilab.fr
# Date 1233061097 -3600
# Node ID 49dfd0bb422cc7ba98ba9dccd719a95f20cf405a
# Parent  c9b0c3c06be0b2bf1d58fa82538704202557857d# Parent  79eccee3004918d9d484a23037c1579dfc8a9b30
merge

diff -r c9b0c3c06be0 -r 49dfd0bb422c common/entity.py
--- a/common/entity.py	Tue Jan 27 13:05:38 2009 +0100
+++ b/common/entity.py	Tue Jan 27 13:58:17 2009 +0100
@@ -391,6 +391,10 @@
         res['source'] = self.req.source_defs()[res['source']]
         return res
 
+    def clear_local_perm_cache(self, action):
+        for rqlexpr in self.e_schema.get_rqlexprs(action):
+            self.req.local_perm_cache.pop((rqlexpr.eid, (('x', self.eid),)), None)
+
     def check_perm(self, action):
         self.e_schema.check_perm(self.req, action, self.eid)
 
diff -r c9b0c3c06be0 -r 49dfd0bb422c server/securityhooks.py
--- a/server/securityhooks.py	Tue Jan 27 13:05:38 2009 +0100
+++ b/server/securityhooks.py	Tue Jan 27 13:58:17 2009 +0100
@@ -54,6 +54,7 @@
             entity.check_perm('update')
             check_entity_attributes(session, entity)
         except Unauthorized:
+            entity.clear_local_perm_cache('update')
             CheckEntityPermissionOp(session, entity=entity, action='update')
         
 def before_del_entity(session, eid):