cubicweb: File revisions

Mercurial Mercurial > pub > hg > cubicweb / file revisions

hooks/security.py

2015-07-21	Julien Cristau	[hook] remove assumption about entity cache vs cw_edited	file \| diff \| annotate
2015-07-21	Julien Cristau	[hook] don't open-code Connection.entity_cache	file \| diff \| annotate
2015-06-15	Sylvain Thénault	when some inlined relation is set using cw_edited, its security shouldn't be checked.	file \| diff \| annotate
2015-01-22	Julien Cristau	merge 3.18.8 into 3.19 branch	file \| diff \| annotate
2015-01-21	Julien Cristau	[security] Test case and fix for an INSERT security hole stable	file \| diff \| annotate
2014-12-17	Aurelien Campeas	[security] check attributes: dispatch on the "add" action if entity was just created	file \| diff \| annotate
2014-09-24	Julien Cristau	merge 3.18.6 into 3.19	file \| diff \| annotate
2014-01-28	Aurelien Campeas	[hooks/security] allow edition of attributes with permissive permissions stable	file \| diff \| annotate
2014-04-01	Julien Cristau	[hooks/security] let's use a connection, not a session	file \| diff \| annotate
2014-02-17	Julien Cristau	merge 3.18.x in 3.19 branch	file \| diff \| annotate
2014-02-14	Julien Cristau	merge 3.17.13	file \| diff \| annotate
2014-02-12	Aurelien Campeas	[hooks/security, devtools/fill] silence yams 0.38.0 warnings stable	file \| diff \| annotate
2014-01-27	Julien Cristau	merge 3.18.2 into 3.19 branch	file \| diff \| annotate
2014-01-23	Sylvain Thénault	[multi-sources-removal] Drop entities.source column	file \| diff \| annotate
2014-01-14	Aurelien Campeas	[hooks/security] silence yams warning (closes #3440707)	file \| diff \| annotate
2014-01-16	Julien Cristau	[security] Add comment to check_entity_attributes shortcut	file \| diff \| annotate
2013-10-24	Aurelien Campeas	[hooks/security] provide attribute "add" permission	file \| diff \| annotate
2013-10-04	Aurelien Campeas	[hooks/security] Defer entity permission checks to an Operation.	file \| diff \| annotate
2013-07-03	Aurelien Campeas	[hooks/security] Streamline attributes default permission check. stable	file \| diff \| annotate
2012-02-16	Sylvain Thénault	backport stable	file \| diff \| annotate
2012-02-16	Sylvain Thénault	[spelling] fix dictionnary -> dictionary typo stable	file \| diff \| annotate
2012-01-23	Sylvain Thénault	[vreg] move base registry implementation to logilab.common. Closes #1916014	file \| diff \| annotate
2010-10-08	Sylvain Thénault	[hook/operation] nicer api to achieve same result as set_operation, as described in #1253630	file \| diff \| annotate
2010-08-25	Sylvain Thénault	[session] cleanup hook / operation / entity edition api	file \| diff \| annotate
2010-07-01	Sylvain Thénault	backport stable	file \| diff \| annotate
2010-07-01	Sylvain Thénault	[security] use set_operation for relation permission checking operation stable	file \| diff \| annotate
2010-06-21	Sylvain Thénault	backport stable	file \| diff \| annotate
2010-06-21	Sylvain Thénault	[transaction w/ separated web/repo processes] the dbapi should explicitly specify a transaction id to avoid confusion when web server / repository run in separated processes stable	file \| diff \| annotate
2010-06-07	Sylvain Thénault	[security hooks] fix bad merge	file \| diff \| annotate
2010-06-07	Sylvain Thénault	backport stable	file \| diff \| annotate
2010-06-04	Sylvain Thénault	on entity creation, accept attributes without any update access stable	file \| diff \| annotate
2010-06-01	Pierre-Yves David	[web test] Add a CubicWebServerTC class to run test with a cw web serveur available.	file \| diff \| annotate
2010-05-20	Sylvain Thénault	[entity] continue cleanup of Entity/AnyEntity namespace	file \| diff \| annotate
2010-04-30	Aurelien Campeas	[hooks/...] fix previous commit stable	file \| diff \| annotate
2010-04-30	Aurelien Campeas	[hooks/operations] use set_operations for three ops (huge gains for massive imports) stable	file \| diff \| annotate
2010-04-28	Sylvain Thénault	replace logilab-common by CubicWeb in disclaimer oldstable	file \| diff \| annotate
2010-04-28	Sylvain Thénault	proper licensing information (LGPL-2.1). Hope I get it right this time. stable	file \| diff \| annotate
2010-03-24	Sylvain Thénault	don't update dontcheck until everything went fine: stable	file \| diff \| annotate
2010-03-22	Sylvain Thénault	fix security issue introduced by 4967:04543ed0bbdc: attributes explicitly set by hooks should not be checked by security hooks	file \| diff \| annotate
2010-03-09	Sylvain Thénault	[repo] enhanced security handling: deprecates unsafe_execute, in favor of explicit read/write security control using the `enabled_security` context manager. Also code executed on the repository side is now unsafe by default.	file \| diff \| annotate
2010-02-15	Sylvain Thénault	[security] we should save back edited_attributes in case of multiple modification of an entity during the same transaction stable	file \| diff \| annotate
2010-02-15	Sylvain Thénault	follow yams api change: attributes permissions are now defined for stable	file \| diff \| annotate
2010-01-18	Sylvain Thénault	backport stable branch	file \| diff \| annotate \| base
2009-12-22	Sylvain Thénault	fix bad merge	file \| diff \| annotate
2009-12-08	Sylvain Thénault	had been involontarly dropped	file \| diff \| annotate
2009-12-07	Sandrine Ribeau	fix bad merge	file \| diff \| annotate
2009-11-20	Sylvain Thénault	backport stable branch (one more time painfully)	file \| diff \| annotate \| base
2009-10-19	Sylvain Thénault	backport stable	file \| diff \| annotate \| base
2009-09-23	Sylvain Thénault	[appobjects] use __regid__ instead of __id__, more explicit	file \| diff \| annotate
2009-08-21	Sylvain Thénault	somewhat painful backport of 3.5 branch, should mostly be ok	file \| diff \| annotate \| base
2009-08-17	Sylvain Thénault	should directly use entity.check_perm now that we've an entity instance	file \| diff \| annotate
2009-08-14	Sylvain Thénault	use ._cw instead of .cw_req	file \| diff \| annotate
2009-08-14	Sylvain Thénault	[hooks] major refactoring:	file \| diff \| annotate \| base

less more (0) tip

cubicweb

RSS Atom