--- a/rqlrewrite.py Wed Nov 09 19:16:08 2011 +0100
+++ b/rqlrewrite.py Wed Nov 09 19:19:24 2011 +0100
@@ -54,6 +54,7 @@
if varname not in newroot.defined_vars or eschema(etype).final:
continue
allpossibletypes.setdefault(varname, set()).add(etype)
+ # XXX could be factorized with add_etypes_restriction from rql 0.31
for varname in sorted(allpossibletypes):
var = newroot.defined_vars[varname]
stinfo = var.stinfo
--- a/server/repository.py Wed Nov 09 19:16:08 2011 +0100
+++ b/server/repository.py Wed Nov 09 19:19:24 2011 +0100
@@ -528,6 +528,8 @@
This is a public method, not requiring a session id.
"""
# XXX we may want to check we don't give sensible information
+ # XXX the only cube using 'foreid', apycot, stop used this, we probably
+ # want to drop this argument
if foreid is None:
return self.config[option]
_, sourceuri, extid, _ = self.type_and_source_from_eid(foreid)
--- a/server/test/unittest_security.py Wed Nov 09 19:16:08 2011 +0100
+++ b/server/test/unittest_security.py Wed Nov 09 19:19:24 2011 +0100
@@ -570,6 +570,26 @@
self.assertEqual(names, sorted(names, key=lambda x: x.lower()))
cnx.close()
+ def test_restrict_is_instance_ok(self):
+ from rql import RQLException
+ rset = self.execute('Any X WHERE X is_instance_of BaseTransition')
+ rqlst = rset.syntax_tree()
+ select = rqlst.children[0]
+ x = select.get_selected_variables().next()
+ self.assertRaises(RQLException, select.add_type_restriction,
+ x.variable, 'CWUser')
+ select.add_type_restriction(x.variable, 'BaseTransition')
+ select.add_type_restriction(x.variable, 'WorkflowTransition')
+ self.assertEqual(rqlst.as_string(), 'Any X WHERE X is_instance_of WorkflowTransition')
+
+ def test_restrict_is_instance_no_supported(self):
+ rset = self.execute('Any X WHERE X is_instance_of IN(CWUser, CWGroup)')
+ rqlst = rset.syntax_tree()
+ select = rqlst.children[0]
+ x = select.get_selected_variables().next()
+ self.assertRaises(NotImplementedError, select.add_type_restriction,
+ x.variable, 'WorkflowTransition')
+
def test_in_state_without_update_perm(self):
"""check a user change in_state without having update permission on the
subject