cubicweb: comparison schema.py

equal deleted inserted replaced

-:b718626a0e60
+:13b0b96d7982
 restriction = 'S eid %(s)s, O eid %(o)s, ' + self.restriction
 args, ck = {'s': eidfrom, 'o': eidto}, ('s', 'o')
 rql = 'Any %s WHERE %s' % (self.mainvars,  restriction)
 if self.distinct_query:
 rql = 'DISTINCT ' + rql
-return session.unsafe_execute(rql, args, ck, build_descr=False)
+return session.execute(rql, args, ck, build_descr=False)
 class RQLConstraint(RepoEnforcedRQLConstraintMixIn, RQLVocabularyConstraint):
 """the rql constraint is similar to the RQLVocabularyConstraint but
 are also enforced at the repository level
 # when creating an entity, consider has_*_permission satisfied
 if has_perm_defs:
 return True
 return False
 if keyarg is None:
-# on the server side, use unsafe_execute, but this is not available
-# on the client side (session is actually a request)
-execute = getattr(session, 'unsafe_execute', session.execute)
 kwargs.setdefault('u', session.user.eid)
 cachekey = kwargs.keys()
 try:
-rset = execute(rql, kwargs, cachekey, build_descr=True)
+rset = session.execute(rql, kwargs, cachekey, build_descr=True)
 except NotImplementedError:
 self.critical('cant check rql expression, unsupported rql %s', rql)
 if self.eid is not None:
 session.local_perm_cache[key] = False
 return False
 if form is None and entity is not None:
 cw = entity._cw
 elif form is not None:
 cw = form._cw
 if cw is not None:
-if hasattr(cw, 'is_super_session'):
+if hasattr(cw, 'write_security'): # test it's a session and not a request
 # cw is a server session
-hasperm = cw.is_super_session or \
+hasperm = not cw.write_security or \
 not cw.is_hooks_category_activated('integrity') or \
 cw.user.has_permission(PERM_USE_TEMPLATE_FORMAT)
 else:
 hasperm = cw.user.has_permission(PERM_USE_TEMPLATE_FORMAT)
 if hasperm:

changeset 4835	13b0b96d7982
parent 4834	b718626a0e60
child 4843	5f7363416765