Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/data_schemareader/schema.py
author Aurelien Campeas <aurelien.campeas@logilab.fr>
Wed, 17 Dec 2014 10:55:53 +0100
changeset 10114 6f4b4567b77d
parent 8167 41ec579e27c4
child 10907 9ae707db5265
permissions -rw-r--r--
[security] check attributes: dispatch on the "add" action if entity was just created cw_set on a just-created entity (i.e. created in the same transaction) should behave the same as setting the attribute directly on creation: check the 'add' permissions, not 'update'. Closes #4740310.

from cubicweb.schemas.base import in_group, CWSourceSchemaConfig
# copy __permissions__ to avoid modifying a shared dictionary
in_group.__permissions__ = in_group.__permissions__.copy()
in_group.__permissions__['read'] = ('managers',)

cw_for_source = CWSourceSchemaConfig.get_relation('cw_for_source')
cw_for_source.__permissions__ = {'read': ('managers', 'users'),
                                 'add': ('managers',),
                                 'delete': ('managers',)}
cubicweb