@cekk (Member) commented Feb 11, 2021

In Products.CMFPlone there is a method that checks if the current user has that permission in the list of paths in kw.

In the @search handler we call the searchResults method passing a query and not kw.
This leads to a problem because if you give that permission to some roles (Editor for example) and you give the Editor role to a user in a subfolder, the @search endpoint will not show expired contents in that folder even if the user has the right permission.

You can test it easily with Volto because the "/contents" view does exactly the problematic @search call:

  • add Editor to "Access inactive portal content" permission
  • assign Editor role to a user inside a subfolder
  • create an expired content inside it
  • go to /contents view
  • expired content is missing
  • in the backend you can see it correctly in folder_contents

With this PR I am going to change how we pass parameters to searchResults.

I'm doing the fix here because it's easier and quicker but if you think that this should be fixed inside CMFPlone, let me know.
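The mismatch described in the comment above, as an added example that is not code from this PR, Products.CMFPlone or plone.restapi: a simplified model in which the inactive-content check reads paths only from `kw`, so a path supplied in the query dict is never checked against the user's local grant. All names, paths, users and the exact shape of the check are assumptions made for illustration.

```python
# Added illustration: a simplified model, not Products.CMFPlone or plone.restapi code.
from datetime import datetime

NOW = datetime(2021, 2, 11)
SITE_ROOT = "/site"  # constructed path

# Constructed catalog: path -> expiration date (None means never expires).
CATALOG = {
    "/site/folder/live-page": None,
    "/site/folder/expired-page": datetime(2021, 1, 1),
}
# Constructed local grants: user -> folders where a local role gives the user
# "Access inactive portal content" (inherited by everything below).
INACTIVE_GRANTS = {"editor": ["/site/folder"]}


def is_under(path, folder):
    return path == folder or path.startswith(folder + "/")


def may_access_inactive(user, path):
    return any(is_under(path, g) for g in INACTIVE_GRANTS.get(user, []))


def allow_inactive(user, kw):
    """Check the site root, then every path listed in kw (assumed shape of the check)."""
    if may_access_inactive(user, SITE_ROOT):
        return True
    paths = kw.get("path")
    if not paths:
        return False  # no path to check: expired content stays hidden
    if isinstance(paths, str):
        paths = [paths]
    return all(may_access_inactive(user, p) for p in paths)


def search_results(user, query=None, **kw):
    criteria = dict(query or {}, **kw)
    hide_expired = not allow_inactive(user, kw)  # the query dict is never inspected
    folder = criteria.get("path", SITE_ROOT)
    return [
        path for path, expires in sorted(CATALOG.items())
        if is_under(path, folder)
        and not (hide_expired and expires is not None and expires <= NOW)
    ]


def compare(user, folder):
    """Results with the path in the query dict vs. the same path passed in kw."""
    return search_results(user, {"path": folder}), search_results(user, path=folder)
```

`compare("editor", "/site/folder")` returns the expired page only for the `kw` call shape, while a user without the grant gets the same filtered list from both, so the difference is a permission check that is skipped rather than one that is loosened.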

@mister-roboto

@cekk thanks for creating this Pull Request and helping to improve Plone!

To ensure that these changes do not break other parts of Plone, the Plone test suite matrix needs to pass.

Whenever you feel that the pull request is ready to be tested, either start all jenkins jobs pull requests by yourself, or simply add a comment in this pull request stating:

@jenkins-plone-org please run jobs

With this simple comment all the jobs will be started automatically.

Happy hacking!

@cekk (Member, Author) commented Feb 11, 2021

@jenkins-plone-org please run jobs

@tisto (Member) left a comment

LGTM. We worked around lots of quirks in Plone core in plone.restapi in the past. Though, at some point, we have to start fixing things...

@jensens jensens merged commit f556893 into master Feb 23, 2021
@jensens jensens deleted the respect_access_inactive_permission branch February 23, 2021 07:51