From 6effc94349b0947c0f0638dcaab23a33a56eb869 Mon Sep 17 00:00:00 2001
From: Petter Reinholdtsen <pere@hungry.com>
Date: Wed, 11 Sep 2013 20:11:45 +0200
Subject: [PATCH] Fix expert user access checks. Several places in the code,
 cfg.users.expert() is used as a boolean test to see if the current user is an
 expert user.  But this do not work. Change the implementation of expert() to
 assume the current user if no argument is given, to get the code working.

---
 modules/installed/lib/user_store.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/installed/lib/user_store.py b/modules/installed/lib/user_store.py
index 236b73a8f..1512472be 100644
--- a/modules/installed/lib/user_store.py
+++ b/modules/installed/lib/user_store.py
@@ -16,7 +16,12 @@ class UserStore(UserStoreModule, sqlite_db):
     def close(self):
         self.__exit__(None,None,None)
 
+    def currentuser(self):
+        return cherrypy.session.get(cfg.session_key)
+
     def expert(self, username=None):
+        if username is None:
+            username = self.currentuser()
         groups = self.attr(username,"groups")
         if not groups:
             return False