"add" permission for attributes (to distinguish from "update")

Closes #149216.

authorAurelien Campeas <aurelien.campeas@logilab.fr>
changesetb5d7178f8cb4
branchdefault
phasedraft
hiddenyes
parent revision#99d6f01f853d [schema] add a warning to avoid a potential silent bug (follows #109207)
child revision<not specified>
files modified by this revision
buildobjs.py
schema.py
test/unittest_reader.py
# HG changeset patch
# User Aurelien Campeas <aurelien.campeas@logilab.fr>
# Date 1372173612 -7200
# Tue Jun 25 17:20:12 2013 +0200
# Node ID b5d7178f8cb497dde88f47e56d7bc184fe684ec3
# Parent 99d6f01f853db229223d8df2a95ba17cf9201343
"add" permission for attributes (to distinguish from "update")

Closes #149216.

diff --git a/buildobjs.py b/buildobjs.py
@@ -116,18 +116,18 @@
1              # XXX add a group in read perms to satisfy schema constraints in cw
2              __permissions__={'read': ('users',), 'add': (), 'delete': (),
3                               'update': ()})
4          schema.add_entity_type(edef)
5 
6 -# XXX use a "frozendict"
7 +
8  DEFAULT_RELPERMS = {'read': ('managers', 'users', 'guests',),
9                      'delete': ('managers', 'users'),
10                      'add': ('managers', 'users',)}
11 
12  DEFAULT_ATTRPERMS = {'read': ('managers', 'users', 'guests',),
13 -                     'update': ('managers', 'owners'),
14 -                     }
15 +                     'add': ('managers', 'users'),
16 +                     'update': ('managers', 'owners')}
17 
18  class Relation(object):
19      """Abstract class which have to be defined before the metadefinition
20      meta-class.
21      """
@@ -280,11 +280,10 @@
22      #:  .. automethod:: EntityType.remove_relation
23      #:  .. automethod:: EntityType.get_relation
24      #:  .. automethod:: EntityType.get_relations
25 
26      __metaclass__ = metadefinition
27 -    # XXX use a "frozendict"
28      __permissions__ = {
29          'read': ('managers', 'users', 'guests',),
30          'update': ('managers', 'owners',),
31          'delete': ('managers', 'owners'),
32          'add': ('managers', 'users',)
diff --git a/schema.py b/schema.py
@@ -46,21 +46,27 @@
33  def check_permission_definitions(schema):
34      """check permissions are correctly defined"""
35      # already initialized, check everything is fine
36      for action, groups in schema.permissions.items():
37          # bw compat
38 -        if action in ('add', 'delete') and isinstance(schema, RelationDefinitionSchema) and schema.final:
39 -            warnings.warn('[yams 0.28] %s: "delete"/"add" permissions on attribute '
40 -                          'have been replaced by "update"' % schema,
41 +        if action == 'delete' and isinstance(schema, RelationDefinitionSchema) and schema.final:
42 +            warnings.warn('[yams 0.28] %s: "delete" permissions on attribute '
43 +                          'has been replaced by "update"' % schema,
44                            DeprecationWarning)
45              schema.permissions['update'] = schema.permissions['add']
46          else:
47              assert action in schema.ACTIONS, \
48                     'unknown action %s for %s' % (action, schema)
49          assert isinstance(groups, tuple), \
50                 ('permission for action %s of %s isn\'t a tuple as '
51                  'expected' % (action, schema))
52 +    if isinstance(schema, RelationDefinitionSchema) and schema.final:
53 +        if not 'add' in schema.permissions:
54 +            schema.permissions['add'] = schema.permissions['update']
55 +            warnings.warn('[yams 0.38] %s: new "add" permissions on attribute set as'
56 +                          '"update" by default, but you should make it explicit' % schema,
57 +                          DeprecationWarning)
58      for action in schema.ACTIONS:
59          assert action in schema.permissions, \
60                 'missing expected permissions for action %s for %s' % (action, schema)
61 
62  def rehash(dictionary):
@@ -981,11 +987,11 @@
63          self.object = object
64 
65      @property
66      def ACTIONS(self):
67          if self.rtype.final:
68 -            return ('read', 'update')
69 +            return ('read', 'add', 'update')
70          else:
71              return ('read', 'add', 'delete')
72 
73      def update(self, values):
74          # XXX check we're copying existent properties
diff --git a/test/unittest_reader.py b/test/unittest_reader.py
@@ -254,10 +254,11 @@
75          self.assertEqual(rschema.rdef('Company', 'String').permissions,
76                            buildobjs.DEFAULT_ATTRPERMS)
77          rschema = schema.rschema('tel')
78          self.assertEqual(rschema.rdef('Person', 'Int').permissions,
79                            {'read': (),
80 +                           'add': ('managers',),
81                             'update': ('managers',)})
82 
83 
84      def test_entity_permissions(self):
85          eschema = schema.eschema('State')