[hooks/security] allow edition of attributes with permissive permissions
If an attribute has more permissive security rules than the entity
type itself, we should be green and not deny action because of an
early global entity permission check (with the more restrictive
rules).
Only if one attribute with the entity-level permission rules is edited
will the global check be performed.
Note:
* the "if action == 'delete'" check at the entry of
check_entity_attributes is a guard for a condition currently not
happening in cubicweb itself (but application hooks could
conceivably call this function with a 'delete' action)
Closes #3489895.
====
Book
====
----
Part
----
Chapter
=======
.. _Level1AnchorForLaterReference:
Level 1 section
---------------
Level 2 section
~~~~~~~~~~~~~~~
Level 3 section
```````````````
*CubicWeb*
inline directives:
:file:`directory/file`
:envvar:`AN_ENV_VARIABLE`
:command:`command --option arguments`
:ref:, :mod:
.. sourcecode:: python
class SomePythonCode:
...
.. XXX a comment, wont be rendered
a [foot note]_
.. [foot note] the foot note content
Boxes
=====
- warning box:
.. warning::
Warning content
- note box:
.. note::
Note content
Cross references
================
To arbitrary section
--------------------
:ref:`identifier` ou :ref:`label <identifier>`
Label required of referencing node which as no title, else the node's title will be used.
To API objects
--------------
See the autodoc sphinx extension documentation. Quick overview:
* ref to a class: :class:`cubicweb.devtools.testlib.AutomaticWebTest`
* if you can to see only the class name in the generated documentation, add a ~:
:class:`~cubicweb.devtools.testlib.AutomaticWebTest`
* you can also use :mod: (module), :exc: (exception), :func: (function), :meth: (method)...
* syntax explained above to specify label explicitly may also be used