equal
deleted
inserted
replaced
377 # checking permission which may imply rql queries |
377 # checking permission which may imply rql queries |
378 if not tag in self.etype_get(eschema, rschema, role, tschema): |
378 if not tag in self.etype_get(eschema, rschema, role, tschema): |
379 continue |
379 continue |
380 rdef = rschema.role_rdef(eschema, tschema, role) |
380 rdef = rschema.role_rdef(eschema, tschema, role) |
381 if rschema.final: |
381 if rschema.final: |
382 if not rdef.has_perm(cw, permission, eid=eid): |
382 if not rdef.has_perm(cw, permission, eid=eid, |
|
383 creating=eid is None): |
383 continue |
384 continue |
384 elif strict or not rdef.has_local_role(relpermission): |
385 elif strict or not rdef.has_local_role(relpermission): |
385 if role == 'subject': |
386 if role == 'subject': |
386 if not rdef.has_perm(cw, relpermission, fromeid=eid): |
387 if not rdef.has_perm(cw, relpermission, fromeid=eid): |
387 continue |
388 continue |