[hooks/security] Defer entity permission checks to an Operation.
Some of these checks may currently happen twice within the same
transaction and be costly.
This should be semantically safe. If people rely on some internal
transaction ordering to be allowed early (thus pass) while the
condition wouldn't be met at precommit time, their application is
broken. It however seems unlikely to happen in the real life (tm).
Closes #2932033
from cubicweb import UnknownEid
source, = __args__
sql("DELETE FROM entities WHERE type='Int'")
ecnx = session.cnxset.connection(source)
for e in rql('Any X WHERE X cw_source S, S name %(name)s', {'name': source}).entities():
meta = e.cw_metainformation()
assert meta['source']['uri'] == source
try:
suri = ecnx.describe(meta['extid'])[1]
except UnknownEid:
print 'cant describe', e.cw_etype, e.eid, meta
continue
if suri != 'system':
try:
print 'deleting', e.cw_etype, e.eid, suri, e.dc_title().encode('utf8')
repo.delete_info(session, e, suri, scleanup=e.eid)
except UnknownEid:
print ' cant delete', e.cw_etype, e.eid, meta
commit()