[views/primary] some inner sections should use the `limit` by default to avoid a denial of service (closes #2719110) Today, it is possible to call .related and get a huge unlimited database-dos-inducing resultset that will be nevertheless limited a bit further in pure python in the `autolimited` view. While we cannot completely avoid potential denial of services such as these we mitigate the problem with the default ui settings: if the inner vid is `autolimited`, then the relation result sets is computed using the user-defined limit. This change respects the semantics of the `autolimited` view and shouldn't break anything.

     1

sync_schema_props_perms('CWSourceHostConfig', syncperms=False)

     2

     3

sql('INSERT INTO cw_source_relation(eid_from, eid_to) '

     4

    'SELECT e.eid,s.cw_eid FROM entities as e, cw_CWSource as s '

     5

    'WHERE s.cw_name=e.source AND NOT EXISTS(SELECT 1 FROM cw_source_relation WHERE eid_from=e.eid AND eid_to=s.cw_eid)')

     6

commit()