[hooks/security] provide attribute "add" permission
As of today, the update permission on attributes is checked at entity
*creation* time. This forbids using update permissions the proper way.
We set it to be checked at entity update time only.
We introduce a specific 'add' permission rule for attributes.
For backward compatibility, its default value will be the same as the
current 'update' permission.
Notes:
* needs a new yams version (ticket #149216)
* introduces two new 'add_permissions' rdefs (attribute - group|rqlexpr)
* if the update permission was () and the bw compat kicks in, the rule
is not enforced, to avoid un-creatable entity types -- this
restriction will be lifted when the bw compat is gone
* small internal refactoring on check_entity_attributes
* one small pre 3.6.1 bw compat snippet must be removed from schemaserial
Closes #2965518.
/* styles for input with suggestions (as for tags and keywords)
*
* :organization: Logilab
* :copyright: 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
* :contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
*/
div.sgform div.combobox {
z-index: 300;
margin-left: 3px;
width: 150px;
}
div.sgform div.combobox input.suggestions {
width: 100%;
}
div.sgform select{
width: 155px;
}
div.sgformbuttons {
margin-left: 3px;
}
div.sgformbuttons a {
font-weight: bold;
padding:2px 0px;
}
a.sglink {
color: #000;
font-weight: bold;
display: block;
background: url("puce.png") 98% 5px no-repeat;
margin-left: 3px;
padding: 2px 16px 2px 0px;
}
div.suggholder {
z-index: 300;
position: absolute;
}