From 2b3b69ed703d2f09fd22c31789d1bcc0175a4aa2 Mon Sep 17 00:00:00 2001
From: Lance Edgar <ledgar@sacfoodcoop.com>
Date: Thu, 27 Oct 2016 15:58:00 -0500
Subject: [PATCH] Tweak how we auto-filter 'deleted' products

Hopefully this doesn't break anything?  This change is required for a
user who has 'become root' to see deleted products.
---
 tailbone/views/products.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tailbone/views/products.py b/tailbone/views/products.py
index 16a11ebe..14b23a09 100644
--- a/tailbone/views/products.py
+++ b/tailbone/views/products.py
@@ -113,7 +113,9 @@ class ProductsView(MasterView):
             user = session.merge(user)
 
         query = session.query(model.Product)
-        if not auth.has_permission(session, user, 'products.view_deleted'):
+        # TODO: was this old `has_permission()` call here for a reason..? hope not..
+        # if not auth.has_permission(session, user, 'products.view_deleted'):
+        if not self.request.has_perm('products.view_deleted'):
             query = query.filter(model.Product.deleted == False)
 
         # TODO: This used to be a good idea I thought...but in dev it didn't