Mercurial > p > roundup > code
comparison roundup/security.py @ 8131:8e9181dfc9fa permission-performance
Fix searchable checks in roundup/security.py
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Tue, 22 Oct 2024 15:03:36 +0200 |
| parents | b358da7c89e5 |
| children | de58ff07890e |
comparison
equal
deleted
inserted
replaced
| 8130:9056b0c8fcd6 | 8131:8e9181dfc9fa |
|---|---|
| 153 | 153 |
| 154 # are we checking the correct class | 154 # are we checking the correct class |
| 155 if self.klass is not None and self.klass != classname: | 155 if self.klass is not None and self.klass != classname: |
| 156 return 0 | 156 return 0 |
| 157 | 157 |
| 158 # Do not allow access if we have a check method | |
| 159 if self.check: | |
| 160 return 0 | |
| 161 | |
| 162 # Allow if we have access to *all* properties | |
| 163 if self.properties is None: | |
| 164 return 1 | |
| 165 | |
| 158 # what about property? | 166 # what about property? |
| 159 if not self._properties_dict[property]: | 167 if not self._properties_dict[property]: |
| 160 return 0 | |
| 161 | |
| 162 if self.check: | |
| 163 return 0 | 168 return 0 |
| 164 | 169 |
| 165 return 1 | 170 return 1 |
| 166 | 171 |
| 167 def __repr__(self): | 172 def __repr__(self): |
| 274 def searchable (self, classname, propname): | 279 def searchable (self, classname, propname): |
| 275 for perm in 'View', 'Search': | 280 for perm in 'View', 'Search': |
| 276 # Only permissions without a check method | 281 # Only permissions without a check method |
| 277 if perm not in self._permissions: | 282 if perm not in self._permissions: |
| 278 continue | 283 continue |
| 279 if classname not in self._permissions[perm]: | 284 p = self._permissions[perm] |
| 285 if classname not in p and None not in p: | |
| 280 continue | 286 continue |
| 281 for p in self._permissions[perm][classname][False]: | 287 if None in p: |
| 282 if p.searchable(classname, propname): | 288 for p in p[None][False]: |
| 283 return True | 289 if p.searchable(classname, propname): |
| 290 return True | |
| 291 if classname in p: | |
| 292 for p in p[classname][False]: | |
| 293 if p.searchable(classname, propname): | |
| 294 return True | |
| 284 | 295 |
| 285 | 296 |
| 286 class Security: | 297 class Security: |
| 287 def __init__(self, db): | 298 def __init__(self, db): |
| 288 ''' Initialise the permission and role classes, and add in the | 299 ''' Initialise the permission and role classes, and add in the |