495 Security level Management: |
495 Security level Management: |
496 |
496 |
497 :attr:`read_security` and :attr:`write_security`, boolean flags telling if |
497 :attr:`read_security` and :attr:`write_security`, boolean flags telling if |
498 read/write security is currently activated. |
498 read/write security is currently activated. |
499 |
499 |
500 .. automethod:: cubicweb.server.session.Session.set_write_security |
|
501 .. automethod:: cubicweb.server.session.Session.set_read_security |
|
502 .. automethod:: cubicweb.server.session.Session.init_security |
500 .. automethod:: cubicweb.server.session.Session.init_security |
503 .. automethod:: cubicweb.server.session.Session.reset_security |
501 .. automethod:: cubicweb.server.session.Session.reset_security |
504 .. automethod:: cubicweb.server.session.Session.security_enabled |
502 .. automethod:: cubicweb.server.session.Session.security_enabled |
505 |
503 |
506 Hooks Management: |
504 Hooks Management: |
787 |
785 |
788 def init_security(self, read, write): |
786 def init_security(self, read, write): |
789 if read is None: |
787 if read is None: |
790 oldread = None |
788 oldread = None |
791 else: |
789 else: |
792 oldread = self.set_read_security(read) |
790 oldread = self._tx.read_security |
|
791 self._tx.read_security = read |
793 if write is None: |
792 if write is None: |
794 oldwrite = None |
793 oldwrite = None |
795 else: |
794 else: |
796 oldwrite = self.set_write_security(write) |
795 oldwrite = self._tx.write_security |
|
796 self._tx.write_security = write |
797 self._tx.ctx_count += 1 |
797 self._tx.ctx_count += 1 |
798 return oldread, oldwrite |
798 return oldread, oldwrite |
799 |
799 |
800 def reset_security(self, read, write): |
800 def reset_security(self, read, write): |
801 tx = self._tx |
801 tx = self._tx |
802 tx.ctx_count -= 1 |
802 tx.ctx_count -= 1 |
803 if tx.ctx_count == 0: |
803 if tx.ctx_count == 0: |
804 self._clear_thread_storage(tx) |
804 self._clear_thread_storage(tx) |
805 else: |
805 else: |
806 if read is not None: |
806 if read is not None: |
807 self.set_read_security(read) |
807 self._tx.read_security = read |
808 if write is not None: |
808 if write is not None: |
809 self.set_write_security(write) |
809 self._tx.write_security = write |
810 |
810 |
811 def set_read_security(self, activated): |
811 read_security = tx_attr('read_security', writable=True) |
812 """[de]activate read security, returning the previous value set for |
812 write_security = tx_attr('write_security', writable=True) |
813 later restoration. |
|
814 |
|
815 you should usually use the `security_enabled` context manager instead |
|
816 of this to change security settings. |
|
817 """ |
|
818 oldmode = self._tx.read_security |
|
819 self._tx.read_security = activated |
|
820 return oldmode |
|
821 |
|
822 def set_write_security(self, activated): |
|
823 """[de]activate write security, returning the previous value set for |
|
824 later restoration. |
|
825 |
|
826 you should usually use the `security_enabled` context manager instead |
|
827 of this to change security settings. |
|
828 """ |
|
829 oldmode = self._tx.write_security |
|
830 self._tx.write_security = activated |
|
831 return oldmode |
|
832 |
|
833 read_security = tx_attr('read_security') |
|
834 write_security = tx_attr('write_security') |
|
835 running_dbapi_query = tx_attr('running_dbapi_query') |
813 running_dbapi_query = tx_attr('running_dbapi_query') |
836 |
814 |
837 # hooks activation control ################################################# |
815 # hooks activation control ################################################# |
838 # all hooks should be activated during normal execution |
816 # all hooks should be activated during normal execution |
839 |
817 |