Mercurial Mercurial > pub > hg > cubicweb / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[repo] fix warning message and implementation of bw compat unsafe_execute stable
authorSylvain Thénault <sylvain.thenault@logilab.fr>
Wed, 24 Mar 2010 11:00:02 +0100
branchstable
changeset 4987 ec93dd82c83f
parent 4986 c4ef22c85d16
child 4988 d85f639e9150
[repo] fix warning message and implementation of bw compat unsafe_execute
server/session.py file | annotate | diff | comparison | revisions 
--- a/server/session.py	Wed Mar 24 10:23:57 2010 +0100
+++ b/server/session.py	Wed Mar 24 11:00:02 2010 +0100
@@ -885,13 +885,15 @@
 
     # deprecated ###############################################################
 
-    @deprecated("[3.7] control security with session.[read|write]_security")
+    @deprecated("[3.7] execute is now unsafe by default in hooks/operation. You"
+                " can also control security with session.[read|write]_security")
     def unsafe_execute(self, rql, kwargs=None, eid_key=None, build_descr=True,
                        propagate=False):
         """like .execute but with security checking disabled (this method is
         internal to the server, it's not part of the db-api)
         """
-        return self.execute(rql, kwargs, eid_key, build_descr)
+        with security_enabled(self, read=False, write=False):
+            return self.execute(rql, kwargs, eid_key, build_descr)
 
     @property
     @deprecated("[3.7] is_super_session is deprecated, test "
cubicweb