equal
deleted
inserted
replaced
87 |
87 |
88 class CheckRelationPermissionOp(hook.DataOperationMixIn, hook.LateOperation): |
88 class CheckRelationPermissionOp(hook.DataOperationMixIn, hook.LateOperation): |
89 def precommit_event(self): |
89 def precommit_event(self): |
90 cnx = self.cnx |
90 cnx = self.cnx |
91 for action, rschema, eidfrom, eidto in self.get_data(): |
91 for action, rschema, eidfrom, eidto in self.get_data(): |
92 rdef = rschema.rdef(cnx.entity_metas(eidfrom)['type'], |
92 rdef = rschema.rdef(cnx.entity_type(eidfrom), |
93 cnx.entity_metas(eidto)['type']) |
93 cnx.entity_type(eidto)) |
94 rdef.check_perm(cnx, action, fromeid=eidfrom, toeid=eidto) |
94 rdef.check_perm(cnx, action, fromeid=eidfrom, toeid=eidto) |
95 |
95 |
96 |
96 |
97 @objectify_predicate |
97 @objectify_predicate |
98 def write_security_enabled(cls, req, **kwargs): |
98 def write_security_enabled(cls, req, **kwargs): |
163 return |
163 return |
164 rschema = self._cw.repo.schema[self.rtype] |
164 rschema = self._cw.repo.schema[self.rtype] |
165 if rschema.inlined and skip_inlined_relation_security( |
165 if rschema.inlined and skip_inlined_relation_security( |
166 self._cw, rschema, self.eidfrom): |
166 self._cw, rschema, self.eidfrom): |
167 return |
167 return |
168 rdef = rschema.rdef(self._cw.entity_metas(self.eidfrom)['type'], |
168 rdef = rschema.rdef(self._cw.entity_type(self.eidfrom), |
169 self._cw.entity_metas(self.eidto)['type']) |
169 self._cw.entity_type(self.eidto)) |
170 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
170 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
171 |
171 |
172 |
172 |
173 class AfterAddRelationSecurityHook(SecurityHook): |
173 class AfterAddRelationSecurityHook(SecurityHook): |
174 __regid__ = 'securityafteraddrelation' |
174 __regid__ = 'securityafteraddrelation' |
185 return |
185 return |
186 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
186 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
187 CheckRelationPermissionOp.get_instance(self._cw).add_data( |
187 CheckRelationPermissionOp.get_instance(self._cw).add_data( |
188 ('add', rschema, self.eidfrom, self.eidto) ) |
188 ('add', rschema, self.eidfrom, self.eidto) ) |
189 else: |
189 else: |
190 rdef = rschema.rdef(self._cw.entity_metas(self.eidfrom)['type'], |
190 rdef = rschema.rdef(self._cw.entity_type(self.eidfrom), |
191 self._cw.entity_metas(self.eidto)['type']) |
191 self._cw.entity_type(self.eidto)) |
192 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
192 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
193 |
193 |
194 |
194 |
195 class BeforeDeleteRelationSecurityHook(SecurityHook): |
195 class BeforeDeleteRelationSecurityHook(SecurityHook): |
196 __regid__ = 'securitybeforedelrelation' |
196 __regid__ = 'securitybeforedelrelation' |
202 return |
202 return |
203 rschema = self._cw.repo.schema[self.rtype] |
203 rschema = self._cw.repo.schema[self.rtype] |
204 if rschema.inlined and skip_inlined_relation_security( |
204 if rschema.inlined and skip_inlined_relation_security( |
205 self._cw, rschema, self.eidfrom): |
205 self._cw, rschema, self.eidfrom): |
206 return |
206 return |
207 rdef = rschema.rdef(self._cw.entity_metas(self.eidfrom)['type'], |
207 rdef = rschema.rdef(self._cw.entity_type(self.eidfrom), |
208 self._cw.entity_metas(self.eidto)['type']) |
208 self._cw.entity_type(self.eidto)) |
209 rdef.check_perm(self._cw, 'delete', fromeid=self.eidfrom, toeid=self.eidto) |
209 rdef.check_perm(self._cw, 'delete', fromeid=self.eidfrom, toeid=self.eidto) |