58 class AfterAddEntitySecurityHook(SecurityHook): |
58 class AfterAddEntitySecurityHook(SecurityHook): |
59 __id__ = 'securityafteraddentity' |
59 __id__ = 'securityafteraddentity' |
60 events = ('after_add_entity',) |
60 events = ('after_add_entity',) |
61 |
61 |
62 def __call__(self): |
62 def __call__(self): |
63 _CheckEntityPermissionOp(self.cw_req, entity=self.entity, action='add') |
63 _CheckEntityPermissionOp(self._cw, entity=self.entity, action='add') |
64 |
64 |
65 |
65 |
66 class AfterUpdateEntitySecurityHook(SecurityHook): |
66 class AfterUpdateEntitySecurityHook(SecurityHook): |
67 __id__ = 'securityafterupdateentity' |
67 __id__ = 'securityafterupdateentity' |
68 events = ('after_update_entity',) |
68 events = ('after_update_entity',) |
69 |
69 |
70 def __call__(self): |
70 def __call__(self): |
71 try: |
71 try: |
72 # check user has permission right now, if not retry at commit time |
72 # check user has permission right now, if not retry at commit time |
73 self.entity.check_perm('update') |
73 self.entity.check_perm('update') |
74 check_entity_attributes(self.cw_req, self.entity) |
74 check_entity_attributes(self._cw, self.entity) |
75 except Unauthorized: |
75 except Unauthorized: |
76 self.entity.clear_local_perm_cache('update') |
76 self.entity.clear_local_perm_cache('update') |
77 _CheckEntityPermissionOp(self.cw_req, entity=self.entity, action='update') |
77 _CheckEntityPermissionOp(self._cw, entity=self.entity, action='update') |
78 |
78 |
79 |
79 |
80 class BeforeDelEntitySecurityHook(SecurityHook): |
80 class BeforeDelEntitySecurityHook(SecurityHook): |
81 __id__ = 'securitybeforedelentity' |
81 __id__ = 'securitybeforedelentity' |
82 events = ('before_delete_entity',) |
82 events = ('before_delete_entity',) |
83 |
83 |
84 def __call__(self): |
84 def __call__(self): |
85 self.entity.e_schema.check_perm(self.cw_req, 'delete', eid) |
85 self.entity.e_schema.check_perm(self._cw, 'delete', eid) |
86 |
86 |
87 |
87 |
88 class BeforeAddRelationSecurityHook(SecurityHook): |
88 class BeforeAddRelationSecurityHook(SecurityHook): |
89 __id__ = 'securitybeforeaddrelation' |
89 __id__ = 'securitybeforeaddrelation' |
90 events = ('before_add_relation',) |
90 events = ('before_add_relation',) |
91 |
91 |
92 def __call__(self): |
92 def __call__(self): |
93 if self.rtype in BEFORE_ADD_RELATIONS: |
93 if self.rtype in BEFORE_ADD_RELATIONS: |
94 rschema = self.cw_req.repo.schema[self.rtype] |
94 rschema = self._cw.repo.schema[self.rtype] |
95 rschema.check_perm(self.cw_req, 'add', self.eidfrom, self.eidto) |
95 rschema.check_perm(self._cw, 'add', self.eidfrom, self.eidto) |
96 |
96 |
97 |
97 |
98 class AfterAddRelationSecurityHook(SecurityHook): |
98 class AfterAddRelationSecurityHook(SecurityHook): |
99 __id__ = 'securityafteraddrelation' |
99 __id__ = 'securityafteraddrelation' |
100 events = ('after_add_relation',) |
100 events = ('after_add_relation',) |
101 |
101 |
102 def __call__(self): |
102 def __call__(self): |
103 if not self.rtype in BEFORE_ADD_RELATIONS: |
103 if not self.rtype in BEFORE_ADD_RELATIONS: |
104 rschema = self.cw_req.repo.schema[self.rtype] |
104 rschema = self._cw.repo.schema[self.rtype] |
105 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
105 if self.rtype in ON_COMMIT_ADD_RELATIONS: |
106 _CheckRelationPermissionOp(self.cw_req, action='add', |
106 _CheckRelationPermissionOp(self._cw, action='add', |
107 rschema=rschema, |
107 rschema=rschema, |
108 eidfrom=self.eidfrom, |
108 eidfrom=self.eidfrom, |
109 eidto=self.eidto) |
109 eidto=self.eidto) |
110 else: |
110 else: |
111 rschema.check_perm(self.cw_req, 'add', self.eidfrom, self.eidto) |
111 rschema.check_perm(self._cw, 'add', self.eidfrom, self.eidto) |
112 |
112 |
113 |
113 |
114 class BeforeDelRelationSecurityHook(SecurityHook): |
114 class BeforeDelRelationSecurityHook(SecurityHook): |
115 __id__ = 'securitybeforedelrelation' |
115 __id__ = 'securitybeforedelrelation' |
116 events = ('before_delete_relation',) |
116 events = ('before_delete_relation',) |
117 |
117 |
118 def __call__(self): |
118 def __call__(self): |
119 self.cw_req.repo.schema[self.rtype].check_perm(self.cw_req, 'delete', |
119 self._cw.repo.schema[self.rtype].check_perm(self._cw, 'delete', |
120 self.eidfrom, self.eidto) |
120 self.eidfrom, self.eidto) |
121 |
121 |