Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/repository.py
branchstable
changeset 4673 6f8b925a29f4
parent 4643 921737d2e3a8
child 4686 c55606a5c4b0 
--- a/server/repository.py	Tue Feb 23 20:22:40 2010 +0100
+++ b/server/repository.py	Tue Feb 23 20:23:46 2010 +0100
@@ -113,14 +113,17 @@
     # the web interface but may occurs during test or dbapi connection (though
     # not expected for this).  So: don't do it, we pretend to ensure repository
     # consistency.
+    #
+    # also, we must not use unsafe_execute since we want the delete permission
+    # to be checked when some existing relation is deleted
     if card[0] in '1?':
         rschema = session.repo.schema.rschema(rtype)
         if not rschema.inlined: # inlined relations will be implicitly deleted
-            session.unsafe_execute('DELETE X %s Y WHERE X eid %%(x)s, NOT Y eid %%(y)s' % rtype,
-                                   {'x': eidfrom, 'y': eidto}, 'x')
+            session.execute('DELETE X %s Y WHERE X eid %%(x)s, NOT Y eid %%(y)s' % rtype,
+                            {'x': eidfrom, 'y': eidto}, 'x')
     if card[1] in '1?':
-        session.unsafe_execute('DELETE X %s Y WHERE NOT X eid %%(x)s, Y eid %%(y)s' % rtype,
-                               {'x': eidfrom, 'y': eidto}, 'y')
+        session.execute('DELETE X %s Y WHERE NOT X eid %%(x)s, Y eid %%(y)s' % rtype,
+                        {'x': eidfrom, 'y': eidto}, 'y')
 
 
 class Repository(object):
cubicweb