hooks/security.py
branchstable
changeset 4999 221f76e14eea
parent 4970 1f3d8946ea84
child 5421 8167de96c523
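--- a/hooks/security.py	4998:924f8274a264
+++ b/hooks/security.py	4999:221f76e14eea
@@ -23,19 +23,20 @@
         try:
             editedattrs = entity.edited_attributes
         except AttributeError:
             editedattrs = entity # XXX unexpected
     for attr in editedattrs:
-        try:
-            dontcheck.remove(attr)
+        if attr in dontcheck:
             continue
-        except KeyError:
-            pass
         rdef = eschema.rdef(attr)
         if rdef.final: # non final relation are checked by other hooks
             # add/delete should be equivalent (XXX: unify them into 'update' ?)
             rdef.check_perm(session, 'update', eid=eid)
+    # don't update dontcheck until everything went fine: see usage in
+    # after_update_entity, where if we got an Unauthorized at hook time, we will
+    # retry and commit time
+    dontcheck |= frozenset(editedattrs)
 
 
 class _CheckEntityPermissionOp(hook.LateOperation):
     def precommit_event(self):
         #print 'CheckEntityPermissionOp', self.session.user, self.entity, self.action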
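Review bot: The new `dontcheck |= frozenset(editedattrs)` after the loop makes the skip set grow on every successful pass, where the removed `dontcheck.remove(attr)` consumed an entry once it had been used, and nothing in this hunk clears the set again. Any attribute that passed `rdef.check_perm` once, plus every non-final name in `editedattrs` that this loop never checked, is then skipped by `if attr in dontcheck: continue` for as long as the set lives. If the set is attached to a long-lived entity object (its binding is outside the hunk, so this is inferred), a later edit of the same attribute would not be re-authorised; restricting the update to what was actually verified, e.g. `dontcheck |= frozenset(a for a in editedattrs if eschema.rdef(a).final)`, and extending the comment to say where the set is reset would make the intended lifetime explicit. The enclosing function starts above the hunk.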