hooks/security.py
changeset 2968 0e3460341023
parent 2920 64322aa83a1d
parent 2895 903bd3f89f80
child 3376 f5c69485381f
2902:dd9f2dd02f85 2968:0e3460341023
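--- a/hooks/security.py
+++ b/hooks/security.py
@@ -89,20 +89,26 @@
     __id__ = 'securitybeforeaddrelation'
     events = ('before_add_relation',)
 
     def __call__(self):
         if self.rtype in BEFORE_ADD_RELATIONS:
+            nocheck = self._cw.transaction_data.get('skip-security', ())
+            if (self.eidfrom, self.rtype, self.eidto) in nocheck:
+                return
             rschema = self._cw.repo.schema[self.rtype]
             rschema.check_perm(self._cw, 'add', self.eidfrom, self.eidto)
 
 
 class AfterAddRelationSecurityHook(SecurityHook):
     __id__ = 'securityafteraddrelation'
     events = ('after_add_relation',)
 
     def __call__(self):
         if not self.rtype in BEFORE_ADD_RELATIONS:
+            nocheck = self._cw.transaction_data.get('skip-security', ())
+            if (self.eidfrom, self.rtype, self.eidto) in nocheck:
+                return
             rschema = self._cw.repo.schema[self.rtype]
             if self.rtype in ON_COMMIT_ADD_RELATIONS:
                 _CheckRelationPermissionOp(self._cw, action='add',
                                            rschema=rschema,
                                            eidfrom=self.eidfrom,
@@ -114,8 +120,11 @@
 class BeforeDelRelationSecurityHook(SecurityHook):
     __id__ = 'securitybeforedelrelation'
     events = ('before_delete_relation',)
 
     def __call__(self):
+        nocheck = self._cw.transaction_data.get('skip-security', ())
+        if (self.eidfrom, self.rtype, self.eidto) in nocheck:
+            return
         self._cw.repo.schema[self.rtype].check_perm(self._cw, 'delete',
                                                        self.eidfrom, self.eidto)
 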
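Review bot: The `skip-security` entries are not scoped to an action, so a triple exempted for an internal add also silences the `'delete'` check in `BeforeDelRelationSecurityHook.__call__`. All three hooks consult the same `(eidfrom, rtype, eidto)` set, and nothing visible here removes an entry once it has been honoured, so the exemption appears to last for the rest of the transaction. Consider keying entries by action, or discarding each one after use. Who may write `transaction_data['skip-security']` is not visible in these hunks; if code outside the trusted repository layer can reach it, the key acts as a permission bypass. A comment such as `# 'skip-security': triples exempted from permission checks; must only be set by trusted repository code` would state the contract. The lookup is repeated three times and could live in one helper on `SecurityHook`, which would also give a single place to log skipped checks.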