# HG changeset patch # User Pierre-Yves David # Date 1364399014 -3600 # Node ID fe321c0f6d139cfbad19540ea1fb69679ef6871c # Parent 18022ed7c7a57f4bf17236a3fa4aaba8a6cc7243 [session] move context manager logic in the security context manager The `init_security` and `reset_security` method have no other user that the context manager itself. Having dedicated public function is not useful. diff -r 18022ed7c7a5 -r fe321c0f6d13 devtools/fake.py --- a/devtools/fake.py Wed Mar 27 16:42:18 2013 +0100 +++ b/devtools/fake.py Wed Mar 27 16:43:34 2013 +0100 @@ -163,10 +163,6 @@ # for use with enabled_security context manager read_security = write_security = True - def init_security(self, *args): - return None, None - def reset_security(self, *args): - return class FakeRepo(object): querier = None diff -r 18022ed7c7a5 -r fe321c0f6d13 server/session.py --- a/server/session.py Wed Mar 27 16:42:18 2013 +0100 +++ b/server/session.py Wed Mar 27 16:43:34 2013 +0100 @@ -153,13 +153,32 @@ self.session = session self.read = read self.write = write + self.oldread = None + self.oldwrite = None def __enter__(self): - self.oldread, self.oldwrite = self.session.init_security( - self.read, self.write) + if self.read is None: + self.oldread = None + else: + self.oldread = self.session._tx.read_security + self.session._tx.read_security = self.read + if self.write is None: + self.oldwrite = None + else: + self.oldwrite = self.session._tx.write_security + self.session._tx.write_security = self.write + self.session._tx.ctx_count += 1 def __exit__(self, exctype, exc, traceback): - self.session.reset_security(self.oldread, self.oldwrite) + tx = self.session._tx + tx.ctx_count -= 1 + if tx.ctx_count == 0: + self.session._clear_thread_storage(tx) + else: + if self.oldread is not None: + self.session._tx.read_security = self.oldread + if self.oldwrite is not None: + self.session._tx.write_security = self.oldwrite HOOKS_ALLOW_ALL = object() HOOKS_DENY_ALL = object() @@ -693,8 +712,6 @@ :attr:`read_security` and :attr:`write_security`, boolean flags telling if read/write security is currently activated. - .. automethod:: cubicweb.server.session.Session.init_security - .. automethod:: cubicweb.server.session.Session.reset_security .. automethod:: cubicweb.server.session.Session.security_enabled Hooks Management: @@ -971,31 +988,6 @@ def security_enabled(self, read=None, write=None): return security_enabled(self, read=read, write=write) - def init_security(self, read, write): - if read is None: - oldread = None - else: - oldread = self._tx.read_security - self._tx.read_security = read - if write is None: - oldwrite = None - else: - oldwrite = self._tx.write_security - self._tx.write_security = write - self._tx.ctx_count += 1 - return oldread, oldwrite - - def reset_security(self, read, write): - tx = self._tx - tx.ctx_count -= 1 - if tx.ctx_count == 0: - self._clear_thread_storage(tx) - else: - if read is not None: - self._tx.read_security = read - if write is not None: - self._tx.write_security = write - read_security = tx_attr('read_security', writable=True) write_security = tx_attr('write_security', writable=True) running_dbapi_query = tx_attr('running_dbapi_query')