# HG changeset patch
# User pierre-yves
# Date 1371130570 -7200
# Node ID 0368b94921ed29841a4b5e47edd2a9b3ea190fae
# Parent  65b8236e1bb4431263215727955ab21817119fdc
Drop hijack user (closes #2901093)

Deprecated since 3.17.0. Dropping this function help the session cleanup
business.

diff -r 65b8236e1bb4 -r 0368b94921ed dbapi.py
--- a/dbapi.py	Thu Jun 13 17:27:43 2013 +0200
+++ b/dbapi.py	Thu Jun 13 15:36:10 2013 +0200
@@ -415,13 +415,6 @@
         """return the definition of sources used by the repository."""
         return self.cnx.source_defs()
 
-    @deprecated('[3.17] do not use hijack_user. create new Session object')
-    def hijack_user(self, user):
-        """return a fake request/session using specified user"""
-        req = DBAPIRequest(self.vreg)
-        req.set_session(self.session, user)
-        return req
-
     @deprecated('[3.8] use direct access to req.session.data dictionary')
     def session_data(self):
         """return a dictionary containing session data"""
diff -r 65b8236e1bb4 -r 0368b94921ed doc/4.0.rst
--- a/doc/4.0.rst	Thu Jun 13 17:27:43 2013 +0200
+++ b/doc/4.0.rst	Thu Jun 13 15:36:10 2013 +0200
@@ -6,3 +6,5 @@
 
 * The ldapuser source has been dropped. ldapfeed is the only official source
   remaining for ldap.
+
+* session.hijack_user mechanism has been dropped.
diff -r 65b8236e1bb4 -r 0368b94921ed server/session.py
--- a/server/session.py	Thu Jun 13 17:27:43 2013 +0200
+++ b/server/session.py	Thu Jun 13 15:36:10 2013 +0200
@@ -904,22 +904,6 @@
         """
         return transaction(self, free_cnxset)
 
-
-    @deprecated('[3.17] do not use hijack_user. create new Session object')
-    def hijack_user(self, user):
-        """return a fake request/session using specified user"""
-        session = Session(user, self.repo)
-        tx = session._tx
-        tx.cnxset = self.cnxset
-        # share pending_operations, else operation added in the hi-jacked
-        # session such as SendMailOp won't ever be processed
-        tx.pending_operations = self.pending_operations
-        # everything in tx.data should be copied back but the entity
-        # type cache we don't want to avoid security pb
-        tx.data = self._tx.data.copy()
-        tx.data.pop('ecache', None)
-        return session
-
     def add_relation(self, fromeid, rtype, toeid):
         """provide direct access to the repository method to add a relation.