163 if fetchattrs is None: |
163 if fetchattrs is None: |
164 fetchattrs = cls.fetch_attrs |
164 fetchattrs = cls.fetch_attrs |
165 selection = [mainvar] |
165 selection = [mainvar] |
166 orderby = [] |
166 orderby = [] |
167 # start from 26 to avoid possible conflicts with X |
167 # start from 26 to avoid possible conflicts with X |
|
168 # XXX not enough to be sure it'll be no conflicts |
168 varmaker = rqlvar_maker(index=26) |
169 varmaker = rqlvar_maker(index=26) |
169 cls._fetch_restrictions(mainvar, varmaker, fetchattrs, selection, |
170 cls._fetch_restrictions(mainvar, varmaker, fetchattrs, selection, |
170 orderby, restrictions, user, ordermethod) |
171 orderby, restrictions, user, ordermethod) |
171 rql = 'Any %s' % ','.join(selection) |
172 rql = 'Any %s' % ','.join(selection) |
172 if orderby: |
173 if orderby: |
766 evar, searchedvar = 'S', 'O' |
767 evar, searchedvar = 'S', 'O' |
767 subjtype, objtype = self.e_schema, targettype |
768 subjtype, objtype = self.e_schema, targettype |
768 else: |
769 else: |
769 searchedvar, evar = 'S', 'O' |
770 searchedvar, evar = 'S', 'O' |
770 objtype, subjtype = self.e_schema, targettype |
771 objtype, subjtype = self.e_schema, targettype |
|
772 rdef = rtype.role_rdef(self.e_schema, targettype, role) |
771 if self.has_eid(): |
773 if self.has_eid(): |
772 restriction = ['NOT S %s O' % rtype, '%s eid %%(x)s' % evar] |
774 restriction = ['NOT S %s O' % rtype] |
|
775 if rdef.role_cardinality(role) not in '?1': |
|
776 # if cardinality in '1?', don't add restriction on eid |
|
777 restriction.append('%s eid %%(x)s' % evar) |
773 args = {'x': self.eid} |
778 args = {'x': self.eid} |
774 if role == 'subject': |
779 if role == 'subject': |
775 securitycheck_args = {'fromeid': self.eid} |
780 securitycheck_args = {'fromeid': self.eid} |
776 else: |
781 else: |
777 securitycheck_args = {'toeid': self.eid} |
782 securitycheck_args = {'toeid': self.eid} |
778 else: |
783 else: |
779 restriction = [] |
784 if rdef.role_cardinality(role) in '?1': |
|
785 restriction = ['NOT S %s O' % rtype] |
|
786 else: |
|
787 restriction = [] |
780 args = {} |
788 args = {} |
781 securitycheck_args = {} |
789 securitycheck_args = {} |
782 rdef = rtype.role_rdef(self.e_schema, targettype, role) |
|
783 insertsecurity = (rdef.has_local_role('add') and not |
790 insertsecurity = (rdef.has_local_role('add') and not |
784 rdef.has_perm(self._cw, 'add', **securitycheck_args)) |
791 rdef.has_perm(self._cw, 'add', **securitycheck_args)) |
785 # XXX consider constraint.mainvars to check if constraint apply |
792 # XXX consider constraint.mainvars to check if constraint apply |
786 if vocabconstraints: |
793 if vocabconstraints: |
787 # RQLConstraint is a subclass for RQLVocabularyConstraint, so they |
794 # RQLConstraint is a subclass for RQLVocabularyConstraint, so they |
788 # will be included as well |
795 # will be included as well |
789 restriction += [cstr.expression for cstr in rdef.constraints |
796 cstrcls = RQLVocabularyConstraint |
790 if isinstance(cstr, RQLVocabularyConstraint)] |
797 else: |
791 else: |
798 cstrcls = RQLConstraint |
792 restriction += [cstr.expression for cstr in rdef.constraints |
799 for cstr in rdef.constraints: |
793 if isinstance(cstr, RQLConstraint)] |
800 if isinstance(cstr, RQLVocabularyConstraint) and searchedvar in cstr.mainvars: |
|
801 if not self.has_eid() and evar in cstr.mainvars: |
|
802 continue |
|
803 restriction.append(cstr.expression) |
794 etypecls = self._cw.vreg['etypes'].etype_class(targettype) |
804 etypecls = self._cw.vreg['etypes'].etype_class(targettype) |
795 rql = etypecls.fetch_rql(self._cw.user, restriction, |
805 rql = etypecls.fetch_rql(self._cw.user, restriction, |
796 mainvar=searchedvar, ordermethod=ordermethod) |
806 mainvar=searchedvar, ordermethod=ordermethod) |
797 # ensure we have an order defined |
807 # ensure we have an order defined |
798 if not ' ORDERBY ' in rql: |
808 if not ' ORDERBY ' in rql: |