diff -r 3cc6154b94a3 -r 9ca33768473c web/views/autoform.py --- a/web/views/autoform.py Mon Sep 14 11:15:47 2015 +0200 +++ b/web/views/autoform.py Mon Oct 12 10:53:35 2015 +0200 @@ -128,6 +128,7 @@ from logilab.mtconverter import xml_escape from logilab.common.decorators import iclassmethod, cached from logilab.common.deprecation import deprecated +from logilab.common.registry import NoSelectableObject from cubicweb import neg_role, uilib from cubicweb.schema import display_name @@ -947,6 +948,8 @@ def check_inlined_rdef_permissions(self, rschema, role, tschema, ttype): """return true if permissions are granted on the inlined object and relation""" + if not tschema.has_perm(self._cw, 'add'): + return False entity = self.edited_entity rdef = entity.e_schema.rdef(rschema, role, ttype) if entity.has_eid(): @@ -954,10 +957,8 @@ rdefkwargs = {'fromeid': entity.eid} else: rdefkwargs = {'toeid': entity.eid} - else: - rdefkwargs = {} - return (tschema.has_perm(self._cw, 'add') - and rdef.has_perm(self._cw, 'add', **rdefkwargs)) + return rdef.has_perm(self._cw, 'add', **rdefkwargs) + return rdef.may_have_permission('add', self._cw) def should_hide_add_new_relation_link(self, rschema, card): @@ -988,11 +989,16 @@ """yield inline form views to a newly related (hence created) entity through the given relation """ - yield self._cw.vreg['views'].select('inline-creation', self._cw, - etype=ttype, rtype=rschema, role=role, - peid=self.edited_entity.eid, - petype=self.edited_entity.e_schema, - pform=self) + try: + yield self._cw.vreg['views'].select('inline-creation', self._cw, + etype=ttype, rtype=rschema, role=role, + peid=self.edited_entity.eid, + petype=self.edited_entity.e_schema, + pform=self) + except NoSelectableObject: + # may be raised if user doesn't have the permission to add ttype entities (no checked + # earlier) or if there is some custom selector on the view + pass ## default form ui configuration ##############################################