Mercurial Mercurial > pub > hg > cubicweb / file revisions
summary | shortlog | changelog | graph | tags | bookmarks | branches | file | revisions | annotate | diff | comparison | rss | help
(0) tip
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hooks/security.py
Mon, 15 Jun 2015 10:49:33 +0200 Sylvain Thénault when some inlined relation is set using cw_edited, its security shouldn't be checked. file | diff | annotate
Thu, 22 Jan 2015 17:18:20 +0100 Julien Cristau merge 3.18.8 into 3.19 branch file | diff | annotate
Wed, 21 Jan 2015 15:58:33 +0100 Julien Cristau [security] Test case and fix for an INSERT security hole stable file | diff | annotate
Wed, 17 Dec 2014 10:55:53 +0100 Aurelien Campeas [security] check attributes: dispatch on the "add" action if entity was just created file | diff | annotate
Wed, 24 Sep 2014 18:04:30 +0200 Julien Cristau merge 3.18.6 into 3.19 file | diff | annotate
Tue, 28 Jan 2014 15:27:59 +0100 Aurelien Campeas [hooks/security] allow edition of attributes with permissive permissions stable file | diff | annotate
Tue, 01 Apr 2014 16:28:12 +0200 Julien Cristau [hooks/security] let's use a connection, not a session file | diff | annotate
Mon, 17 Feb 2014 15:32:50 +0100 Julien Cristau merge 3.18.x in 3.19 branch file | diff | annotate
Fri, 14 Feb 2014 16:10:36 +0100 Julien Cristau merge 3.17.13 file | diff | annotate
Wed, 12 Feb 2014 18:15:32 +0100 Aurelien Campeas [hooks/security, devtools/fill] silence yams 0.38.0 warnings stable file | diff | annotate
Mon, 27 Jan 2014 16:19:49 +0100 Julien Cristau merge 3.18.2 into 3.19 branch file | diff | annotate
Thu, 23 Jan 2014 13:47:28 +0100 Sylvain Thénault [multi-sources-removal] Drop entities.source column file | diff | annotate
Tue, 14 Jan 2014 11:14:41 +0100 Aurelien Campeas [hooks/security] silence yams warning (closes #3440707) file | diff | annotate
Thu, 16 Jan 2014 13:50:26 +0100 Julien Cristau [security] Add comment to check_entity_attributes shortcut file | diff | annotate
Thu, 24 Oct 2013 13:15:53 +0200 Aurelien Campeas [hooks/security] provide attribute "add" permission file | diff | annotate
Fri, 04 Oct 2013 17:05:49 +0200 Aurelien Campeas [hooks/security] Defer entity permission checks to an Operation. file | diff | annotate
Wed, 03 Jul 2013 14:16:21 +0200 Aurelien Campeas [hooks/security] Streamline attributes default permission check. stable file | diff | annotate
Thu, 16 Feb 2012 14:15:37 +0100 Sylvain Thénault backport stable file | diff | annotate
Thu, 16 Feb 2012 14:14:52 +0100 Sylvain Thénault [spelling] fix dictionnary -> dictionary typo stable file | diff | annotate
Mon, 23 Jan 2012 13:25:02 +0100 Sylvain Thénault [vreg] move base registry implementation to logilab.common. Closes #1916014 file | diff | annotate
Sat, 09 Oct 2010 00:05:50 +0200 Sylvain Thénault [hook/operation] nicer api to achieve same result as set_operation, as described in #1253630 file | diff | annotate
Wed, 25 Aug 2010 10:29:18 +0200 Sylvain Thénault [session] cleanup hook / operation / entity edition api file | diff | annotate
Thu, 01 Jul 2010 17:06:37 +0200 Sylvain Thénault backport stable file | diff | annotate
Thu, 01 Jul 2010 09:23:39 +0200 Sylvain Thénault [security] use set_operation for relation permission checking operation stable file | diff | annotate
Mon, 21 Jun 2010 15:34:46 +0200 Sylvain Thénault backport stable file | diff | annotate
Mon, 21 Jun 2010 15:32:26 +0200 Sylvain Thénault [transaction w/ separated web/repo processes] the dbapi should explicitly specify a transaction id to avoid confusion when web server / repository run in separated processes stable file | diff | annotate
Mon, 07 Jun 2010 13:31:46 +0200 Sylvain Thénault [security hooks] fix bad merge file | diff | annotate
Mon, 07 Jun 2010 13:22:24 +0200 Sylvain Thénault backport stable file | diff | annotate
Fri, 04 Jun 2010 13:09:12 +0200 Sylvain Thénault on entity creation, accept attributes without any update access stable file | diff | annotate
Tue, 01 Jun 2010 17:06:41 +0200 Pierre-Yves David [web test] Add a CubicWebServerTC class to run test with a cw web serveur available. file | diff | annotate
Thu, 20 May 2010 20:50:00 +0200 Sylvain Thénault [entity] continue cleanup of Entity/AnyEntity namespace file | diff | annotate
Fri, 30 Apr 2010 18:24:29 +0200 Aurelien Campeas [hooks/...] fix previous commit stable file | diff | annotate
Fri, 30 Apr 2010 16:39:50 +0200 Aurelien Campeas [hooks/operations] use set_operations for three ops (huge gains for massive imports) stable file | diff | annotate
Wed, 28 Apr 2010 12:15:52 +0200 Sylvain Thénault replace logilab-common by CubicWeb in disclaimer oldstable file | diff | annotate
Wed, 28 Apr 2010 10:06:01 +0200 Sylvain Thénault proper licensing information (LGPL-2.1). Hope I get it right this time. stable file | diff | annotate
Wed, 24 Mar 2010 15:22:01 +0100 Sylvain Thénault don't update dontcheck until everything went fine: stable file | diff | annotate
Mon, 22 Mar 2010 17:58:03 +0100 Sylvain Thénault fix security issue introduced by 4967:04543ed0bbdc: attributes explicitly set by hooks should not be checked by security hooks file | diff | annotate
Tue, 09 Mar 2010 08:59:43 +0100 Sylvain Thénault [repo] enhanced security handling: deprecates unsafe_execute, in favor of explicit read/write security control using the `enabled_security` context manager. Also code executed on the repository side is now unsafe by default. file | diff | annotate
Mon, 15 Feb 2010 15:14:27 +0100 Sylvain Thénault [security] we should save back edited_attributes in case of multiple modification of an entity during the same transaction stable file | diff | annotate
Mon, 15 Feb 2010 15:10:25 +0100 Sylvain Thénault follow yams api change: attributes permissions are now defined for stable file | diff | annotate
Mon, 18 Jan 2010 19:21:30 +0100 Sylvain Thénault backport stable branch file | diff | annotate | base
Tue, 22 Dec 2009 19:27:26 +0100 Sylvain Thénault fix bad merge file | diff | annotate
Tue, 08 Dec 2009 17:48:06 +0100 Sylvain Thénault had been involontarly dropped file | diff | annotate
Mon, 07 Dec 2009 05:09:09 -0800 Sandrine Ribeau fix bad merge file | diff | annotate
Fri, 20 Nov 2009 19:35:54 +0100 Sylvain Thénault backport stable branch (one more time painfully) file | diff | annotate | base
Mon, 19 Oct 2009 15:16:41 +0200 Sylvain Thénault backport stable file | diff | annotate | base
Wed, 23 Sep 2009 08:42:52 +0200 Sylvain Thénault [appobjects] use __regid__ instead of __id__, more explicit file | diff | annotate
Fri, 21 Aug 2009 16:26:20 +0200 Sylvain Thénault somewhat painful backport of 3.5 branch, should mostly be ok file | diff | annotate | base
Tue, 18 Aug 2009 00:29:19 +0200 Sylvain Thénault should directly use entity.check_perm now that we've an entity instance file | diff | annotate
Fri, 14 Aug 2009 14:31:25 +0200 Sylvain Thénault use ._cw instead of .cw_req file | diff | annotate
Fri, 14 Aug 2009 09:26:41 +0200 Sylvain Thénault [hooks] major refactoring: file | diff | annotate | base
less more (0) tip
cubicweb