384 try: |
384 try: |
385 req.commit() # req is a session |
385 req.commit() # req is a session |
386 except AttributeError: |
386 except AttributeError: |
387 req.cnx.commit() |
387 req.cnx.commit() |
388 return user |
388 return user |
|
389 |
|
390 @iclassmethod # XXX turn into a class method |
|
391 def grant_permission(self, session, entity, group, pname=None, plabel=None): |
|
392 """insert a permission on an entity. Will have to commit the main |
|
393 connection to be considered |
|
394 """ |
|
395 if not isinstance(session, Session): |
|
396 warn('[3.12] grant_permission arguments are now (session, entity, group, pname[, plabel])', |
|
397 DeprecationWarning, stacklevel=2) |
|
398 plabel = pname |
|
399 pname = group |
|
400 group = entity |
|
401 entity = session |
|
402 assert not isinstance(self, type) |
|
403 session = self.session |
|
404 pname = unicode(pname) |
|
405 plabel = plabel and unicode(plabel) or unicode(group) |
|
406 e = getattr(entity, 'eid', entity) |
|
407 with security_enabled(session, False, False): |
|
408 peid = session.execute( |
|
409 'INSERT CWPermission X: X name %(pname)s, X label %(plabel)s,' |
|
410 'X require_group G, E require_permission X ' |
|
411 'WHERE G name %(group)s, E eid %(e)s', |
|
412 locals())[0][0] |
|
413 return peid |
389 |
414 |
390 def login(self, login, **kwargs): |
415 def login(self, login, **kwargs): |
391 """return a connection for the given login/password""" |
416 """return a connection for the given login/password""" |
392 if login == self.admlogin: |
417 if login == self.admlogin: |
393 self.restore_connection() |
418 self.restore_connection() |