# HG changeset patch
# User Sylvain Thénault <sylvain.thenault@logilab.fr>
# Date 1266486941 -3600
# Node ID d8c3a50a8ee7c24764abee8c854c268ed27d03f0
# Parent  1b46d5ece0d549e5dd3d311b9518ffdfb7de9ced
this is not the form renderer responsability to check for update permissions. Move this to autoform editable_attributes relation

diff -r 1b46d5ece0d5 -r d8c3a50a8ee7 web/views/autoform.py
--- a/web/views/autoform.py	Thu Feb 18 10:54:50 2010 +0100
+++ b/web/views/autoform.py	Thu Feb 18 10:55:41 2010 +0100
@@ -655,6 +655,8 @@
         """return a list of (relation schema, role) to edit for the entity"""
         if self.display_fields is not None:
             return self.display_fields
+        if self.edited_entity.has_eid() and not self.edited_entity.has_perm('update'):
+            return []
         # XXX we should simply put eid in the generated section, no?
         return [(rtype, role) for rtype, _, role in self._relations_by_section(
             'attributes', 'update', strict) if rtype != 'eid']
diff -r 1b46d5ece0d5 -r d8c3a50a8ee7 web/views/formrenderers.py
--- a/web/views/formrenderers.py	Thu Feb 18 10:54:50 2010 +0100
+++ b/web/views/formrenderers.py	Thu Feb 18 10:55:41 2010 +0100
@@ -380,10 +380,6 @@
         attrs_fs_label += '<div class="formBody">'
         return attrs_fs_label + super(EntityFormRenderer, self).open_form(form, values)
 
-    def _render_fields(self, fields, w, form):
-        if not form.edited_entity.has_eid() or form.edited_entity.has_perm('update'):
-            super(EntityFormRenderer, self)._render_fields(fields, w, form)
-
     def render_buttons(self, w, form):
         if len(form.form_buttons) == 3:
             w("""<table width="100%%">