Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/ssplanner.py
changeset 4835 13b0b96d7982
parent 4795 f1c8bc628b45
child 4869 230ace4d68c0 
--- a/server/ssplanner.py	Mon Mar 08 19:02:35 2010 +0100
+++ b/server/ssplanner.py	Tue Mar 09 08:59:43 2010 +0100
@@ -63,6 +63,7 @@
         return {}
     eidconsts = {}
     neweids = session.transaction_data.get('neweids', ())
+    checkread = session.read_security
     for rel in rqlst.where.get_nodes(Relation):
         if rel.r_type == 'eid' and not rel.neged(strict=True):
             lhs, rhs = rel.get_variable_parts()
@@ -71,7 +72,7 @@
                 # check read permission here since it may not be done by
                 # the generated select substep if not emited (eg nothing
                 # to be selected)
-                if eid not in neweids:
+                if checkread and eid not in neweids:
                     eschema(session.describe(eid)[0]).check_perm(session, 'read')
                 eidconsts[lhs.variable] = eid
     return eidconsts
cubicweb