--- a/server/hook.py Mon Mar 08 19:02:35 2010 +0100
+++ b/server/hook.py Tue Mar 09 08:59:43 2010 +0100
@@ -33,6 +33,8 @@
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
"""
+from __future__ import with_statement
+
__docformat__ = "restructuredtext en"
from warnings import warn
@@ -47,7 +49,7 @@
from cubicweb.selectors import (objectify_selector, lltrace, ExpectedValueSelector,
implements)
from cubicweb.appobject import AppObject
-
+from cubicweb.server.session import security_enabled
ENTITIES_HOOKS = set(('before_add_entity', 'after_add_entity',
'before_update_entity', 'after_update_entity',
@@ -76,13 +78,20 @@
event, obj.__module__, obj.__name__))
super(HooksRegistry, self).register(obj, **kwargs)
- def call_hooks(self, event, req=None, **kwargs):
+ def call_hooks(self, event, session=None, **kwargs):
kwargs['event'] = event
- for hook in sorted(self.possible_objects(req, **kwargs), key=lambda x: x.order):
- if hook.enabled:
+ if session is None:
+ for hook in sorted(self.possible_objects(session, **kwargs),
+ key=lambda x: x.order):
hook()
- else:
- warn('[3.6] %s: enabled is deprecated' % hook.__class__)
+ else:
+ # by default, hooks are executed with security turned off
+ with security_enabled(session, read=False):
+ hooks = sorted(self.possible_objects(session, **kwargs),
+ key=lambda x: x.order)
+ with security_enabled(session, write=False):
+ for hook in hooks:
+ hook()
VRegistry.REGISTRY_FACTORY['hooks'] = HooksRegistry
@@ -104,6 +113,14 @@
@objectify_selector
@lltrace
+def _bw_is_enabled(cls, req, **kwargs):
+ if cls.enabled:
+ return 1
+ warn('[3.6] %s: enabled is deprecated' % cls)
+ return 0
+
+@objectify_selector
+@lltrace
def match_event(cls, req, **kwargs):
if kwargs.get('event') in cls.events:
return 1
@@ -118,11 +135,10 @@
@objectify_selector
@lltrace
-def regular_session(cls, req, **kwargs):
- if req is None or req.is_super_session:
- return 0
- return 1
-
+def from_dbapi_query(cls, req, **kwargs):
+ if req.running_dbapi_query:
+ return 1
+ return 0
class rechain(object):
def __init__(self, *iterators):
@@ -175,7 +191,7 @@
class Hook(AppObject):
__registry__ = 'hooks'
- __select__ = match_event() & enabled_category()
+ __select__ = match_event() & enabled_category() & _bw_is_enabled()
# set this in derivated classes
events = None
category = None
@@ -260,7 +276,7 @@
else:
assert self.rtype in self.object_relations
meid, seid = self.eidto, self.eidfrom
- self._cw.unsafe_execute(
+ self._cw.execute(
'SET E %s P WHERE X %s P, X eid %%(x)s, E eid %%(e)s, NOT E %s P'\
% (self.main_rtype, self.main_rtype, self.main_rtype),
{'x': meid, 'e': seid}, ('x', 'e'))
@@ -278,7 +294,7 @@
def __call__(self):
eschema = self._cw.vreg.schema.eschema(self._cw.describe(self.eidfrom)[0])
- execute = self._cw.unsafe_execute
+ execute = self._cw.execute
for rel in self.subject_relations:
if rel in eschema.subjrels:
execute('SET R %s P WHERE X eid %%(x)s, P eid %%(p)s, '
@@ -303,7 +319,7 @@
def __call__(self):
eschema = self._cw.vreg.schema.eschema(self._cw.describe(self.eidfrom)[0])
- execute = self._cw.unsafe_execute
+ execute = self._cw.execute
for rel in self.subject_relations:
if rel in eschema.subjrels:
execute('DELETE R %s P WHERE X eid %%(x)s, P eid %%(p)s, '
@@ -507,6 +523,6 @@
class RQLPrecommitOperation(Operation):
def precommit_event(self):
- execute = self.session.unsafe_execute
+ execute = self.session.execute
for rql in self.rqls:
execute(*rql)