--- a/schemas/__init__.py	Tue Sep 13 14:54:00 2011 +0200
+++ b/schemas/__init__.py	Tue Sep 13 15:40:06 2011 +0200
@@ -1,4 +1,4 @@
-# copyright 2003-2011 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
 # contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
 #
 # This file is part of CubicWeb.
@@ -15,10 +15,12 @@
 #
 # You should have received a copy of the GNU Lesser General Public License along
 # with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
-"""some constants and classes to define schema permissions"""
+"""some utilities to define schema permissions
 
+"""
 __docformat__ = "restructuredtext en"
 
+from rql.utils import quote
 from cubicweb.schema import RO_REL_PERMS, RO_ATTR_PERMS, \
      PUB_SYSTEM_ENTITY_PERMS, PUB_SYSTEM_REL_PERMS, \
      ERQLExpression, RRQLExpression
@@ -33,19 +35,59 @@
 # execute, readable by anyone
 HOOKS_RTYPE_PERMS = RO_REL_PERMS # XXX deprecates
 
+def _perm(names):
+    if isinstance(names, (list, tuple)):
+        if len(names) == 1:
+            names = quote(names[0])
+        else:
+            names = 'IN (%s)' % (','.join(quote(name) for name in names))
+    else:
+        names = quote(names)
+    #return u' require_permission P, P name %s, U in_group G, P require_group G' % names
+    return u' require_permission P, P name %s, U has_group_permission P' % names
 
-from logilab.common.modutils import LazyObject
-from logilab.common.deprecation import deprecated
-class MyLazyObject(LazyObject):
+
+def xperm(*names):
+    return 'X' + _perm(names)
+
+def xexpr(*names):
+    return ERQLExpression(xperm(*names))
+
+def xrexpr(relation, *names):
+    return ERQLExpression('X %s Y, Y %s' % (relation, _perm(names)))
+
+def xorexpr(relation, etype, *names):
+    return ERQLExpression('Y %s X, X is %s, Y %s' % (relation, etype, _perm(names)))
+
+
+def sexpr(*names):
+    return RRQLExpression('S' + _perm(names), 'S')
 
-    def _getobj(self):
-        try:
-            return super(MyLazyObject, self)._getobj()
-        except ImportError:
-            raise ImportError('In cubicweb 3.14, function %s has been moved to '
-                              'cube localperms. Install it first.' % self.obj)
+def restricted_sexpr(restriction, *names):
+    rql = '%s, %s' % (restriction, 'S' + _perm(names))
+    return RRQLExpression(rql, 'S')
+
+def restricted_oexpr(restriction, *names):
+    rql = '%s, %s' % (restriction, 'O' + _perm(names))
+    return RRQLExpression(rql, 'O')
+
+def oexpr(*names):
+    return RRQLExpression('O' + _perm(names), 'O')
+
 
-for name in ('xperm', 'xexpr', 'xrexpr', 'xorexpr', 'sexpr', 'restricted_sexpr',
-             'restricted_oexpr', 'oexpr', 'relxperm', 'relxexpr', '_perm'):
-    msg = '[3.14] import %s from cubes.localperms' % name
-    globals()[name] = deprecated(msg)(MyLazyObject('cubes.localperms', name))
+# def supdate_perm():
+#     return RRQLExpression('U has_update_permission S', 'S')
+
+# def oupdate_perm():
+#     return RRQLExpression('U has_update_permission O', 'O')
+
+def relxperm(rel, role, *names):
+    assert role in ('subject', 'object')
+    if role == 'subject':
+        zxrel = ', X %s Z' % rel
+    else:
+        zxrel = ', Z %s X' % rel
+    return 'Z' + _perm(names) + zxrel
+
+def relxexpr(rel, role, *names):
+    return ERQLExpression(relxperm(rel, role, *names))