91 # to config['anonymous-user'], we don't have this info on |
91 # to config['anonymous-user'], we don't have this info on |
92 # the server side. |
92 # the server side. |
93 return self.groups == frozenset(('guests', )) |
93 return self.groups == frozenset(('guests', )) |
94 |
94 |
95 def owns(self, eid): |
95 def owns(self, eid): |
96 if hasattr(self._cw, 'unsafe_execute'): |
|
97 # use unsafe_execute on the repository side, in case |
|
98 # session's user doesn't have access to CWUser |
|
99 execute = self._cw.unsafe_execute |
|
100 else: |
|
101 execute = self._cw.execute |
|
102 try: |
96 try: |
103 return execute('Any X WHERE X eid %(x)s, X owned_by U, U eid %(u)s', |
97 return self._cw.execute( |
104 {'x': eid, 'u': self.eid}, 'x') |
98 'Any X WHERE X eid %(x)s, X owned_by U, U eid %(u)s', |
|
99 {'x': eid, 'u': self.eid}, 'x') |
105 except Unauthorized: |
100 except Unauthorized: |
106 return False |
101 return False |
107 owns = cached(owns, keyarg=1) |
102 owns = cached(owns, keyarg=1) |
108 |
103 |
109 def has_permission(self, pname, contexteid=None): |
104 def has_permission(self, pname, contexteid=None): |