Mercurial Mercurial > pub > hg > cubicweb / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc/book/en/development/datamodel/definition.rst
branchstable
changeset 5351 ecf07370e6db
parent 5349 023dbeb84cc2
equal deleted inserted replaced
5350:49c065ae225e 5351:ecf07370e6db 
   379     in which `X` represents the entity the attribute belongs to
 
   379     in which `X` represents the entity the attribute belongs to
 
   380 
   380 
   381   - the permissions `add` and `delete` are equivalent. Only `add`/`read`
 
   381   - the permissions `add` and `delete` are equivalent. Only `add`/`read`
 
   382     are actually taken in consideration.
 
   382     are actually taken in consideration.
 
   383 
   383 
   384 :Note on the use of RQL expression for `add` permission:
 
   384 .. note::
 
   385 
   385 
   386   Potentially, the use of an RQL expression to add an entity or a
 
   386   Potentially, the `use of an RQL expression to add an entity or a
 
   387   relation can cause problems for the user interface, because if the
 
   387   relation` can cause problems for the user interface, because if the
 
   388   expression uses the entity or the relation to create, then we are
 
   388   expression uses the entity or the relation to create, then we are
 
   389   not able to verify the permissions before we actually add the entity
 
   389   not able to verify the permissions before we actually add the entity
 
   390   (please note that this is not a problem for the RQL server at all,
 
   390   (please note that this is not a problem for the RQL server at all,
 
   391   because the permissions checks are done after the creation). In such
 
   391   because the permissions checks are done after the creation). In such
 
   392   case, the permission check methods (CubicWebEntitySchema.check_perm
 
   392   case, the permission check methods (CubicWebEntitySchema.check_perm
 
   393   and has_perm) can indicate that the user is not allowed to create
 
   393   and has_perm) can indicate that the user is not allowed to create
 
   394   this entity but can obtain the permission.
 
   394   this entity but can obtain the permission.  To compensate this
 
   395   To compensate this problem, it is usually necessary, for such case,
 
   395   problem, it is usually necessary, for such case, to use an action
 
   396   to use an action that reflects the schema permissions but which enables
 
   396   that reflects the schema permissions but which enables to check
 
   397   to check properly the permissions so that it would show up if necessary.
 
   397   properly the permissions so that it would show up if necessary.
 
   398 
   398 
   399 
   399 
   400 Use of RQL expression for reading rights
 
   400 Use of RQL expression for reading rights
 
   401 ````````````````````````````````````````
 
   401 ````````````````````````````````````````
 
   402 
   402
cubicweb