[session] move context manager logic in the security context manager
authorPierre-Yves David <pierre-yves.david@logilab.fr>
Wed, 27 Mar 2013 16:43:34 +0100
changeset 8816 fe321c0f6d13
parent 8815 18022ed7c7a5
child 8817 6ce87a0f0a0c
[session] move context manager logic in the security context manager The `init_security` and `reset_security` method have no other user that the context manager itself. Having dedicated public function is not useful.
devtools/fake.py
server/session.py
--- a/devtools/fake.py	Wed Mar 27 16:42:18 2013 +0100
+++ b/devtools/fake.py	Wed Mar 27 16:43:34 2013 +0100
@@ -163,10 +163,6 @@
 
     # for use with enabled_security context manager
     read_security = write_security = True
-    def init_security(self, *args):
-        return None, None
-    def reset_security(self, *args):
-        return
 
 class FakeRepo(object):
     querier = None
--- a/server/session.py	Wed Mar 27 16:42:18 2013 +0100
+++ b/server/session.py	Wed Mar 27 16:43:34 2013 +0100
@@ -153,13 +153,32 @@
         self.session = session
         self.read = read
         self.write = write
+        self.oldread = None
+        self.oldwrite = None
 
     def __enter__(self):
-        self.oldread, self.oldwrite = self.session.init_security(
-            self.read, self.write)
+        if self.read is None:
+            self.oldread = None
+        else:
+            self.oldread = self.session._tx.read_security
+            self.session._tx.read_security = self.read
+        if self.write is None:
+            self.oldwrite = None
+        else:
+            self.oldwrite = self.session._tx.write_security
+            self.session._tx.write_security = self.write
+        self.session._tx.ctx_count += 1
 
     def __exit__(self, exctype, exc, traceback):
-        self.session.reset_security(self.oldread, self.oldwrite)
+        tx = self.session._tx
+        tx.ctx_count -= 1
+        if tx.ctx_count == 0:
+            self.session._clear_thread_storage(tx)
+        else:
+            if self.oldread is not None:
+                self.session._tx.read_security = self.oldread
+            if self.oldwrite is not None:
+                self.session._tx.write_security = self.oldwrite
 
 HOOKS_ALLOW_ALL = object()
 HOOKS_DENY_ALL = object()
@@ -693,8 +712,6 @@
       :attr:`read_security` and :attr:`write_security`, boolean flags telling if
       read/write security is currently activated.
 
-    .. automethod:: cubicweb.server.session.Session.init_security
-    .. automethod:: cubicweb.server.session.Session.reset_security
     .. automethod:: cubicweb.server.session.Session.security_enabled
 
     Hooks Management:
@@ -971,31 +988,6 @@
     def security_enabled(self, read=None, write=None):
         return security_enabled(self, read=read, write=write)
 
-    def init_security(self, read, write):
-        if read is None:
-            oldread = None
-        else:
-            oldread = self._tx.read_security
-            self._tx.read_security = read
-        if write is None:
-            oldwrite = None
-        else:
-            oldwrite = self._tx.write_security
-            self._tx.write_security = write
-        self._tx.ctx_count += 1
-        return oldread, oldwrite
-
-    def reset_security(self, read, write):
-        tx = self._tx
-        tx.ctx_count -= 1
-        if tx.ctx_count == 0:
-            self._clear_thread_storage(tx)
-        else:
-            if read is not None:
-                self._tx.read_security = read
-            if write is not None:
-                self._tx.write_security = write
-
     read_security = tx_attr('read_security', writable=True)
     write_security = tx_attr('write_security', writable=True)
     running_dbapi_query = tx_attr('running_dbapi_query')