[hooks/security] allow edition of attributes with permissive permissions
If an attribute has more permissive security rules than the entity
type itself, we should be green and not deny action because of an
early global entity permission check (with the more restrictive
rules).
Only if one attribute with the entity-level permission rules is edited
will the global check be performed.
Note:
* the "if action == 'delete'" check at the entry of
check_entity_attributes is a guard for a condition currently not
happening in cubicweb itself (but application hooks could
conceivably call this function with a 'delete' action)
Closes #3489895.
# for el5, force use of python2.6
%%if 0%%{?el5}
%%define python python26
%%define __python /usr/bin/python2.6
%%else
%%define python python
%%define __python /usr/bin/python
%%endif
%%{!?_python_sitelib: %%define _python_sitelib %%(%%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}
Name: %(distname)s
Version: 0.1.0
Release: logilab.1%%{?dist}
Summary: %(shortdesc)s
Group: Applications/Internet
License: %(license)s
Source0: %(distname)s-%%{version}.tar.gz
BuildArch: noarch
BuildRoot: %%{_tmppath}/%%{name}-%%{version}-%%{release}-buildroot
BuildRequires: %%{python} %%{python}-setuptools
Requires: cubicweb >= %(version)s
%%description
%(longdesc)s
%%prep
%%setup -q -n %(distname)s-%%{version}
%%if 0%%{?el5}
# change the python version in shebangs
find . -name '*.py' -type f -print0 | xargs -0 sed -i '1,3s;^#!.*python.*$;#! /usr/bin/python2.6;'
%%endif
%%install
NO_SETUPTOOLS=1 %%{__python} setup.py --quiet install --no-compile --prefix=%%{_prefix} --root="$RPM_BUILD_ROOT"
# remove generated .egg-info file
rm -rf $RPM_BUILD_ROOT/usr/lib/python*
%%clean
rm -rf $RPM_BUILD_ROOT
%%files
%%defattr(-, root, root)
/*