54 ETypeNotSupportedBySources, MultiSourcesError, |
54 ETypeNotSupportedBySources, MultiSourcesError, |
55 BadConnectionId, Unauthorized, ValidationError, |
55 BadConnectionId, Unauthorized, ValidationError, |
56 RepositoryError, UniqueTogetherError, typed_eid, onevent) |
56 RepositoryError, UniqueTogetherError, typed_eid, onevent) |
57 from cubicweb import cwvreg, schema, server |
57 from cubicweb import cwvreg, schema, server |
58 from cubicweb.server import ShuttingDown, utils, hook, pool, querier, sources |
58 from cubicweb.server import ShuttingDown, utils, hook, pool, querier, sources |
59 from cubicweb.server.session import Session, InternalSession, InternalManager, \ |
59 from cubicweb.server.session import Session, InternalSession, InternalManager |
60 security_enabled |
|
61 from cubicweb.server.ssplanner import EditedEntity |
60 from cubicweb.server.ssplanner import EditedEntity |
62 |
61 |
63 NO_CACHE_RELATIONS = set( [('owned_by', 'object'), |
62 NO_CACHE_RELATIONS = set( [('owned_by', 'object'), |
64 ('created_by', 'object'), |
63 ('created_by', 'object'), |
65 ('cw_source', 'object'), |
64 ('cw_source', 'object'), |
107 # notes: |
106 # notes: |
108 # * inlined relations will be implicitly deleted for the subject entity |
107 # * inlined relations will be implicitly deleted for the subject entity |
109 # * we don't want read permissions to be applied but we want delete |
108 # * we don't want read permissions to be applied but we want delete |
110 # permission to be checked |
109 # permission to be checked |
111 if card[0] in '1?': |
110 if card[0] in '1?': |
112 with security_enabled(session, read=False): |
111 with session.security_enabled(read=False): |
113 session.execute('DELETE X %s Y WHERE X eid %%(x)s, ' |
112 session.execute('DELETE X %s Y WHERE X eid %%(x)s, ' |
114 'NOT Y eid %%(y)s' % rtype, |
113 'NOT Y eid %%(y)s' % rtype, |
115 {'x': eidfrom, 'y': eidto}) |
114 {'x': eidfrom, 'y': eidto}) |
116 if card[1] in '1?': |
115 if card[1] in '1?': |
117 with security_enabled(session, read=False): |
116 with session.security_enabled(read=False): |
118 session.execute('DELETE X %s Y WHERE Y eid %%(y)s, ' |
117 session.execute('DELETE X %s Y WHERE Y eid %%(y)s, ' |
119 'NOT X eid %%(x)s' % rtype, |
118 'NOT X eid %%(x)s' % rtype, |
120 {'x': eidfrom, 'y': eidto}) |
119 {'x': eidfrom, 'y': eidto}) |
121 |
120 |
122 |
121 |
1198 pendingrtypes = session.transaction_data.get('pendingrtypes', ()) |
1197 pendingrtypes = session.transaction_data.get('pendingrtypes', ()) |
1199 if scleanup is not None: |
1198 if scleanup is not None: |
1200 source = self.sources_by_eid[scleanup] |
1199 source = self.sources_by_eid[scleanup] |
1201 # delete remaining relations: if user can delete the entity, he can |
1200 # delete remaining relations: if user can delete the entity, he can |
1202 # delete all its relations without security checking |
1201 # delete all its relations without security checking |
1203 with security_enabled(session, read=False, write=False): |
1202 with session.security_enabled(read=False, write=False): |
1204 eid = entity.eid |
1203 eid = entity.eid |
1205 for rschema, _, role in entity.e_schema.relation_definitions(): |
1204 for rschema, _, role in entity.e_schema.relation_definitions(): |
1206 rtype = rschema.type |
1205 rtype = rschema.type |
1207 if rtype in schema.VIRTUAL_RTYPES or rtype in pendingrtypes: |
1206 if rtype in schema.VIRTUAL_RTYPES or rtype in pendingrtypes: |
1208 continue |
1207 continue |
1240 pendingrtypes = session.transaction_data.get('pendingrtypes', ()) |
1239 pendingrtypes = session.transaction_data.get('pendingrtypes', ()) |
1241 if scleanup is not None: |
1240 if scleanup is not None: |
1242 source = self.sources_by_eid[scleanup] |
1241 source = self.sources_by_eid[scleanup] |
1243 # delete remaining relations: if user can delete the entity, he can |
1242 # delete remaining relations: if user can delete the entity, he can |
1244 # delete all its relations without security checking |
1243 # delete all its relations without security checking |
1245 with security_enabled(session, read=False, write=False): |
1244 with session.security_enabled(read=False, write=False): |
1246 in_eids = ','.join([str(_e.eid) for _e in entities]) |
1245 in_eids = ','.join([str(_e.eid) for _e in entities]) |
1247 for rschema, _, role in entities[0].e_schema.relation_definitions(): |
1246 for rschema, _, role in entities[0].e_schema.relation_definitions(): |
1248 rtype = rschema.type |
1247 rtype = rschema.type |
1249 if rtype in schema.VIRTUAL_RTYPES or rtype in pendingrtypes: |
1248 if rtype in schema.VIRTUAL_RTYPES or rtype in pendingrtypes: |
1250 continue |
1249 continue |
1353 value = edited[attr] |
1352 value = edited[attr] |
1354 relations.append((attr, value)) |
1353 relations.append((attr, value)) |
1355 session.update_rel_cache_add(entity.eid, attr, value) |
1354 session.update_rel_cache_add(entity.eid, attr, value) |
1356 rdef = session.rtype_eids_rdef(attr, entity.eid, value) |
1355 rdef = session.rtype_eids_rdef(attr, entity.eid, value) |
1357 if rdef.cardinality[1] in '1?' and activeintegrity: |
1356 if rdef.cardinality[1] in '1?' and activeintegrity: |
1358 with security_enabled(session, read=False): |
1357 with session.security_enabled(read=False): |
1359 session.execute('DELETE X %s Y WHERE Y eid %%(y)s' % attr, |
1358 session.execute('DELETE X %s Y WHERE Y eid %%(y)s' % attr, |
1360 {'x': entity.eid, 'y': value}) |
1359 {'x': entity.eid, 'y': value}) |
1361 edited.set_defaults() |
1360 edited.set_defaults() |
1362 if session.is_hook_category_activated('integrity'): |
1361 if session.is_hook_category_activated('integrity'): |
1363 edited.check(creation=True) |
1362 edited.check(creation=True) |
1539 # be inserted later, we've remove duplicated eids since they |
1538 # be inserted later, we've remove duplicated eids since they |
1540 # won't be catched by `del_existing_rel_if_needed` |
1539 # won't be catched by `del_existing_rel_if_needed` |
1541 rdef = session.rtype_eids_rdef(rtype, subjeid, objeid) |
1540 rdef = session.rtype_eids_rdef(rtype, subjeid, objeid) |
1542 card = rdef.cardinality |
1541 card = rdef.cardinality |
1543 if card[0] in '?1': |
1542 if card[0] in '?1': |
1544 with security_enabled(session, read=False): |
1543 with session.security_enabled(read=False): |
1545 session.execute('DELETE X %s Y WHERE X eid %%(x)s, ' |
1544 session.execute('DELETE X %s Y WHERE X eid %%(x)s, ' |
1546 'NOT Y eid %%(y)s' % rtype, |
1545 'NOT Y eid %%(y)s' % rtype, |
1547 {'x': subjeid, 'y': objeid}) |
1546 {'x': subjeid, 'y': objeid}) |
1548 subjects = subjects_by_types.setdefault(rdef, {}) |
1547 subjects = subjects_by_types.setdefault(rdef, {}) |
1549 if subjeid in subjects: |
1548 if subjeid in subjects: |
1550 del relations_by_rtype[rtype][subjects[subjeid]] |
1549 del relations_by_rtype[rtype][subjects[subjeid]] |
1551 subjects[subjeid] = len(relations_by_rtype[rtype]) - 1 |
1550 subjects[subjeid] = len(relations_by_rtype[rtype]) - 1 |
1552 continue |
1551 continue |
1553 subjects[subjeid] = len(relations_by_rtype[rtype]) - 1 |
1552 subjects[subjeid] = len(relations_by_rtype[rtype]) - 1 |
1554 if card[1] in '?1': |
1553 if card[1] in '?1': |
1555 with security_enabled(session, read=False): |
1554 with session.security_enabled(read=False): |
1556 session.execute('DELETE X %s Y WHERE Y eid %%(y)s, ' |
1555 session.execute('DELETE X %s Y WHERE Y eid %%(y)s, ' |
1557 'NOT X eid %%(x)s' % rtype, |
1556 'NOT X eid %%(x)s' % rtype, |
1558 {'x': subjeid, 'y': objeid}) |
1557 {'x': subjeid, 'y': objeid}) |
1559 objects = objects_by_types.setdefault(rdef, {}) |
1558 objects = objects_by_types.setdefault(rdef, {}) |
1560 if objeid in objects: |
1559 if objeid in objects: |