# HG changeset patch
# User Marcin Kuzminski <marcin@rhodecode.com>
# Date 2019-07-24 09:53:06
# Node ID 95b389c15fe76b597148de111ec0ca6f3ad9accd
# Parent  796d3ee3ae14e1ae211298012fb61385805c08ad

path-filter: enable for quick search menu.

diff --git a/rhodecode/api/views/repo_api.py b/rhodecode/api/views/repo_api.py
--- a/rhodecode/api/views/repo_api.py
+++ b/rhodecode/api/views/repo_api.py
@@ -616,8 +616,6 @@ def get_repo_fts_tree(request, apiuser, 
     cache_namespace_uid = 'cache_repo.{}'.format(repo_id)
     region = rc_cache.get_or_create_region('cache_repo', cache_namespace_uid)
 
-    @region.conditional_cache_on_arguments(namespace=cache_namespace_uid,
-                                           condition=cache_on)
     def compute_fts_tree(repo_id, commit_id, root_path, cache_ver):
         return ScmModel().get_fts_data(repo_id, commit_id, root_path)
 
diff --git a/rhodecode/apps/_base/__init__.py b/rhodecode/apps/_base/__init__.py
--- a/rhodecode/apps/_base/__init__.py
+++ b/rhodecode/apps/_base/__init__.py
@@ -320,9 +320,15 @@ class PathFilter(object):
         self.permission_checker = permission_checker
 
     def assert_path_permissions(self, path):
-        if path and self.permission_checker and not self.permission_checker.has_access(path):
-            raise HTTPForbidden()
-        return path
+        if self.path_access_allowed(path):
+            return path
+        raise HTTPForbidden()
+
+    def path_access_allowed(self, path):
+        log.debug('Checking ACL permissions for PathFilter for `%s`', path)
+        if self.permission_checker:
+            return path and self.permission_checker.has_access(path)
+        return True
 
     def filter_patchset(self, patchset):
         if not self.permission_checker or not patchset:
diff --git a/rhodecode/apps/repository/views/repo_files.py b/rhodecode/apps/repository/views/repo_files.py
--- a/rhodecode/apps/repository/views/repo_files.py
+++ b/rhodecode/apps/repository/views/repo_files.py
@@ -904,9 +904,11 @@ class RepoFilesView(RepoAppView):
                 raise HTTPFound(h.route_path(
                     'repo_files', repo_name=self.db_repo_name,
                     commit_id='tip', f_path='/'))
+
             return _d + _f
 
-        return compute_file_search(self.db_repo.repo_id, commit_id, f_path)
+        result = compute_file_search(self.db_repo.repo_id, commit_id, f_path)
+        return filter(lambda n: self.path_filter.path_access_allowed(n['name']), result)
 
     @LoginRequired()
     @HasRepoPermissionAnyDecorator(