67 pass |
67 pass |
68 |
68 |
69 |
69 |
70 class _CheckRelationPermissionOp(hook.LateOperation): |
70 class _CheckRelationPermissionOp(hook.LateOperation): |
71 def precommit_event(self): |
71 def precommit_event(self): |
72 rdef = self.rschema.rdef(self.session.describe(self.eidfrom)[0], |
72 session = self.session |
73 self.session.describe(self.eidto)[0]) |
73 for args in session.transaction_data.pop('check_relation_perm_op'): |
74 rdef.check_perm(self.session, self.action, |
74 action, rschema, eidfrom, eidto = args |
75 fromeid=self.eidfrom, toeid=self.eidto) |
75 rdef = rschema.rdef(session.describe(eidfrom)[0], |
|
76 session.describe(eidto)[0]) |
|
77 rdef.check_perm(session, action, fromeid=eidfrom, toeid=eidto) |
76 |
78 |
77 def commit_event(self): |
79 def commit_event(self): |
78 pass |
80 pass |
79 |
81 |
80 |
82 |
152 nocheck = self._cw.transaction_data.get('skip-security', ()) |
154 nocheck = self._cw.transaction_data.get('skip-security', ()) |
153 if (self.eidfrom, self.rtype, self.eidto) in nocheck: |
155 if (self.eidfrom, self.rtype, self.eidto) in nocheck: |
154 return |
156 return |
155 rschema = self._cw.repo.schema[self.rtype] |
157 rschema = self._cw.repo.schema[self.rtype] |
156 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
158 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
157 _CheckRelationPermissionOp(self._cw, action='add', |
159 hook.set_operation(self._cw, 'check_relation_perm_op', |
158 rschema=rschema, |
160 ('add', rschema, self.eidfrom, self.eidto), |
159 eidfrom=self.eidfrom, |
161 _CheckRelationPermissionOp) |
160 eidto=self.eidto) |
|
161 else: |
162 else: |
162 rdef = rschema.rdef(self._cw.describe(self.eidfrom)[0], |
163 rdef = rschema.rdef(self._cw.describe(self.eidfrom)[0], |
163 self._cw.describe(self.eidto)[0]) |
164 self._cw.describe(self.eidto)[0]) |
164 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
165 rdef.check_perm(self._cw, 'add', fromeid=self.eidfrom, toeid=self.eidto) |
165 |
166 |