equal
deleted
inserted
replaced
295 continue |
295 continue |
296 try: |
296 try: |
297 prefix, action, suffix = rel.r_type.split('_') |
297 prefix, action, suffix = rel.r_type.split('_') |
298 except ValueError: |
298 except ValueError: |
299 continue |
299 continue |
300 if (prefix != 'has' or suffix != 'permission' or |
300 if (prefix != 'has' or suffix != 'permission' |
301 action not in ('add', 'delete', 'update', 'read')): |
301 or action not in ('add', 'delete', 'update', 'read')): |
302 continue |
302 continue |
303 if found is None: |
303 if found is None: |
304 found = [] |
304 found = [] |
305 rqlst.save_state() |
305 rqlst.save_state() |
306 assert rel.children[0].name == 'U' |
306 assert rel.children[0].name == 'U' |
694 return False |
694 return False |
695 |
695 |
696 |
696 |
697 @_override_method(PermissionMixIn) |
697 @_override_method(PermissionMixIn) |
698 def may_have_permission(self, action, req): |
698 def may_have_permission(self, action, req): |
699 if action != 'read' and not (self.has_local_role('read') or |
699 if action != 'read' and not (self.has_local_role('read') |
700 self.has_perm(req, 'read')): |
700 or self.has_perm(req, 'read')): |
701 return False |
701 return False |
702 return self.has_local_role(action) or self.has_perm(req, action) |
702 return self.has_local_role(action) or self.has_perm(req, action) |
703 |
703 |
704 |
704 |
705 @_override_method(PermissionMixIn) |
705 @_override_method(PermissionMixIn) |
1186 def name_for(self, rdef): |
1186 def name_for(self, rdef): |
1187 """Return a unique, size controlled, name for this constraint applied to given `rdef`. |
1187 """Return a unique, size controlled, name for this constraint applied to given `rdef`. |
1188 |
1188 |
1189 This name may be used as name for the constraint in the database. |
1189 This name may be used as name for the constraint in the database. |
1190 """ |
1190 """ |
1191 return 'cstr' + md5((rdef.subject.type + rdef.rtype.type + self.type() + |
1191 return 'cstr' + md5((rdef.subject.type + rdef.rtype.type + self.type() |
1192 (self.serialize() or '')).encode('ascii')).hexdigest() |
1192 + (self.serialize() or '')).encode('ascii')).hexdigest() |
1193 |
1193 |
1194 |
1194 |
1195 class BaseRQLConstraint(RRQLExpression, BaseConstraint): |
1195 class BaseRQLConstraint(RRQLExpression, BaseConstraint): |
1196 """base class for rql constraints""" |
1196 """base class for rql constraints""" |
1197 distinct_query = None |
1197 distinct_query = None |
1453 elif form is not None: |
1453 elif form is not None: |
1454 cw = form._cw |
1454 cw = form._cw |
1455 if cw is not None: |
1455 if cw is not None: |
1456 if hasattr(cw, 'write_security'): # test it's a session and not a request |
1456 if hasattr(cw, 'write_security'): # test it's a session and not a request |
1457 # cw is a server session |
1457 # cw is a server session |
1458 hasperm = (not cw.write_security or |
1458 hasperm = (not cw.write_security |
1459 not cw.is_hook_category_activated('integrity') or |
1459 or not cw.is_hook_category_activated('integrity') |
1460 cw.user.matching_groups(MAY_USE_TEMPLATE_FORMAT)) |
1460 or cw.user.matching_groups(MAY_USE_TEMPLATE_FORMAT)) |
1461 else: |
1461 else: |
1462 hasperm = cw.user.matching_groups(MAY_USE_TEMPLATE_FORMAT) |
1462 hasperm = cw.user.matching_groups(MAY_USE_TEMPLATE_FORMAT) |
1463 if hasperm: |
1463 if hasperm: |
1464 return self.regular_formats + tuple(NEED_PERM_FORMATS) |
1464 return self.regular_formats + tuple(NEED_PERM_FORMATS) |
1465 return self.regular_formats |
1465 return self.regular_formats |