[selectors] relation_possible selector accept None as action, in which case no perms checking is done stable
authorSylvain Thénault <sylvain.thenault@logilab.fr>
Fri, 11 Jun 2010 13:00:02 +0200
branchstable
changeset 5732 7b0765f22ad0
parent 5731 b12afc4dc5e3
child 5733 d00d1fab42af
[selectors] relation_possible selector accept None as action, in which case no perms checking is done
selectors.py
--- a/selectors.py	Fri Jun 11 11:37:17 2010 +0200
+++ b/selectors.py	Fri Jun 11 13:00:02 2010 +0200
@@ -781,7 +781,7 @@
 
     * `action`, a relation schema action (e.g. one of 'read', 'add', 'delete',
       default to 'read') which must be granted to the user, else a 0 score will
-      be returned
+      be returned. Give None if you don't want any permission checking.
 
     * `strict`, boolean (default to False) telling what to do when the user has
       not globally the permission for the action (eg the action is not granted
@@ -839,11 +839,11 @@
         if self.target_etype is not None:
             try:
                 rdef = rschema.role_rdef(eschema, self.target_etype, self.role)
-                if not rdef.may_have_permission(self.action, req):
+                if self.action and not rdef.may_have_permission(self.action, req):
                     return 0
             except KeyError:
                 return 0
-        else:
+        elif self.action:
             return rschema.may_have_permission(self.action, req, eschema, self.role)
         return 1
 
@@ -851,13 +851,14 @@
         rschema = self._get_rschema(entity)
         if rschema is None:
             return 0 # relation not supported
-        if self.target_etype is not None:
-            rschema = rschema.role_rdef(entity.e_schema, self.target_etype, self.role)
-        if self.role == 'subject':
-            if not rschema.has_perm(entity._cw, 'add', fromeid=entity.eid):
+        if self.action:
+            if self.target_etype is not None:
+                rschema = rschema.role_rdef(entity.e_schema, self.target_etype, self.role)
+            if self.role == 'subject':
+                if not rschema.has_perm(entity._cw, self.action, fromeid=entity.eid):
+                    return 0
+            elif not rschema.has_perm(entity._cw, self.action, toeid=entity.eid):
                 return 0
-        elif not rschema.has_perm(entity._cw, 'add', toeid=entity.eid):
-            return 0
         return 1