--- a/hooks/security.py Thu May 20 20:47:55 2010 +0200
+++ b/hooks/security.py Thu May 20 20:50:00 2010 +0200
@@ -29,9 +29,9 @@
def check_entity_attributes(session, entity, editedattrs=None):
eid = entity.eid
eschema = entity.e_schema
- # .skip_security_attributes is there to bypass security for attributes
+ # ._cw_skip_security_attributes is there to bypass security for attributes
# set by hooks by modifying the entity's dictionnary
- dontcheck = entity.skip_security_attributes
+ dontcheck = entity._cw_skip_security_attributes
if editedattrs is None:
try:
editedattrs = entity.edited_attributes
@@ -57,7 +57,7 @@
for values in session.transaction_data.pop('check_entity_perm_op'):
entity = session.entity_from_eid(values[0])
action = values[1]
- entity.check_perm(action)
+ entity.cw_check_perm(action)
check_entity_attributes(session, entity, values[2:])
def commit_event(self):
@@ -105,10 +105,10 @@
def __call__(self):
try:
# check user has permission right now, if not retry at commit time
- self.entity.check_perm('update')
+ self.entity.cw_check_perm('update')
check_entity_attributes(self._cw, self.entity)
except Unauthorized:
- self.entity.clear_local_perm_cache('update')
+ self.entity._cw_clear_local_perm_cache('update')
# save back editedattrs in case the entity is reedited later in the
# same transaction, which will lead to edited_attributes being
# overwritten
@@ -122,7 +122,7 @@
events = ('before_delete_entity',)
def __call__(self):
- self.entity.check_perm('delete')
+ self.entity.cw_check_perm('delete')
class BeforeAddRelationSecurityHook(SecurityHook):