From 0d830893985a17f26f734dc8664033cc0c9c5307 Mon Sep 17 00:00:00 2001
From: Olivier Dony <odo@openerp.com>
Date: Mon, 10 Nov 2014 15:05:19 +0100
Subject: [PATCH] [FIX] /web/binary/{image,saveas}: use request.registry
 instead of deprecated `request.session.model`

This makes the controllers work also for
public users, e.g. in the frontend.
---
 addons/web/controllers/main.py | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/addons/web/controllers/main.py b/addons/web/controllers/main.py
index 2e44fffd312..e2c3d3092c8 100644
--- a/addons/web/controllers/main.py
+++ b/addons/web/controllers/main.py
@@ -1019,7 +1019,8 @@ class Binary(http.Controller):
     @http.route('/web/binary/image', type='http', auth="public")
     def image(self, model, id, field, **kw):
         last_update = '__last_update'
-        Model = request.session.model(model)
+        Model = request.registry[model]
+        cr, uid, context = request.cr, request.uid, request.context
         headers = [('Content-Type', 'image/png')]
         etag = request.httprequest.headers.get('If-None-Match')
         hashed_session = hashlib.md5(request.session_id).hexdigest()
@@ -1032,15 +1033,15 @@ class Binary(http.Controller):
                 if not id and hashed_session == etag:
                     return werkzeug.wrappers.Response(status=304)
                 else:
-                    date = Model.read([id], [last_update], request.context)[0].get(last_update)
+                    date = Model.read(cr, uid, [id], [last_update], context)[0].get(last_update)
                     if hashlib.md5(date).hexdigest() == etag:
                         return werkzeug.wrappers.Response(status=304)
 
             if not id:
-                res = Model.default_get([field], request.context).get(field)
+                res = Model.default_get(cr, uid, [field], context).get(field)
                 image_base64 = res
             else:
-                res = Model.read([id], [last_update, field], request.context)[0]
+                res = Model.read(cr, uid, [id], [last_update, field], context)[0]
                 retag = hashlib.md5(res.get(last_update)).hexdigest()
                 image_base64 = res.get(field)
 
@@ -1086,14 +1087,15 @@ class Binary(http.Controller):
         :param str filename_field: field holding the file's name, if any
         :returns: :class:`werkzeug.wrappers.Response`
         """
-        Model = request.session.model(model)
+        Model = request.registry[model]
+        cr, uid, context = request.cr, request.uid, request.context
         fields = [field]
         if filename_field:
             fields.append(filename_field)
         if id:
-            res = Model.read([int(id)], fields, request.context)[0]
+            res = Model.read(cr, uid, [int(id)], fields, context)[0]
         else:
-            res = Model.default_get(fields, request.context)
+            res = Model.default_get(cr, uid, fields, context)
         filecontent = base64.b64decode(res.get(field, ''))
         if not filecontent:
             return request.not_found()