433 else: |
433 else: |
434 objtype = Nono |
434 objtype = Nono |
435 if objtype and subjtype: |
435 if objtype and subjtype: |
436 return self.rdef(subjtype, objtype).has_perm(session, action, **kwargs) |
436 return self.rdef(subjtype, objtype).has_perm(session, action, **kwargs) |
437 elif subjtype: |
437 elif subjtype: |
438 for tschema in rschema.targets(subjtype, 'subject'): |
438 for tschema in self.targets(subjtype, 'subject'): |
439 rdef = rschema.rdef(subjtype, tschema) |
439 rdef = self.rdef(subjtype, tschema) |
440 if not rdef.has_perm(action, req, **kwargs): |
440 if not rdef.has_perm(action, req, **kwargs): |
441 return False |
441 return False |
442 elif objtype: |
442 elif objtype: |
443 for tschema in rschema.targets(objtype, 'object'): |
443 for tschema in self.targets(objtype, 'object'): |
444 rdef = rschema.rdef(tschema, objtype) |
444 rdef = self.rdef(tschema, objtype) |
445 if not rdef.has_perm(action, req, **kwargs): |
445 if not rdef.has_perm(session, action, **kwargs): |
446 return False |
446 return False |
447 else: |
447 else: |
448 for rdef in self.rdefs.itervalues(): |
448 for rdef in self.rdefs.itervalues(): |
449 if not rdef.has_perm(action, req, **kwargs): |
449 if not rdef.has_perm(session, action, **kwargs): |
450 return False |
450 return False |
451 |
451 |
452 @deprecated('use .rdef(subjtype, objtype).role_cardinality(role)') |
452 @deprecated('use .rdef(subjtype, objtype).role_cardinality(role)') |
453 def cardinality(self, subjtype, objtype, target): |
453 def cardinality(self, subjtype, objtype, target): |
454 return self.rdef(subjtype, objtype).role_cardinality(target) |
454 return self.rdef(subjtype, objtype).role_cardinality(target) |