logo

📕 Guides

  • Introduction to CubicWeb
    • 1. A little history…
    • 2. The Core Concepts of CubicWeb
  • Tutorials
    • Building a simple blog with CubicWeb
      • Get a blog running in five minutes!
      • Discovering the web interface
      • Customizing your application
      • What’s next?
    • Building a photo gallery with CubicWeb
      • 1. Cube creation and schema definition
      • 2. Security, testing and migration
      • 3. Storing images on the file-system
      • 4. Let’s make it more user friendly
      • 5. Building my photos web site with CubicWeb part V: let’s make it even more user friendly
    • Use Windmill with CubicWeb
    • Writing text reports with RestructuredText
    • Importing relational data into a CubicWeb instance
    • Create a Website from scratch with CubicWeb
      • Getting started
      • Enhance views
      • Data management with CubicWeb
  • Migrating to v4

⚙ Setup and Usage

  • Setup and Administration
    • 1. Install a CubicWeb environment
    • 2. Configure a CubicWeb environment
    • 3. Deploy a CubicWeb application
    • 4. cubicweb-ctl tool
    • 5. Creation of your first instance
    • 6. Configure an instance
    • 7. User interface for web site configuration
    • 8. Multiple sources of data
    • 9. LDAP integration
    • 10. RQL logs
  • Backend Development
    • 1. Cubes
      • 1.1. What is a Cube?
      • 1.2. Standard structure for a cube
      • 1.4. Creating a new cube from scratch
      • 1.5. Available cubes
    • 2. The Registry, selectors and application objects
    • 3. Data model
      • 3.1. Yams schema
      • 3.4. Metadata
      • 3.5. Pre-defined entities in the library
      • 3.6. Defining a Workflow
    • 4. Data as objects
      • 4.1. Access to persistent data
      • 4.5. Loaded attributes and default sorting management
      • 4.6. Interfaces and Adapters
      • 4.7. How to use entities objects and adapters
    • 5. Core APIs
      • 5.1. Request and ResultSet methods
    • 6. Repository customization
      • 6.1. Sessions
      • 6.3. Hooks and Operations
      • 6.4. Notifications management
      • 6.5. Tasks
    • 7. Tests
    • 8. Migration
    • 9. Profiling and performance
    • 10. Full Text Indexing in CubicWeb
    • 11. Data Import
    • 12. Debug Channels
    • 14. Source connections pooler
  • Web Frontend Development
    • Publisher
    • Controllers
    • The Request class ( cubicweb.web.request )
    • RQL search bar
    • The View system
      • Principles
      • Templates
      • The Primary View
      • The “Click and Edit” (also reledit ) View
      • Base views
      • Startup views
      • Boxes
      • Table views
      • XML and RSS views
      • URL publishing
      • Breadcrumbs
      • The ‘download’ views
      • Online documentation system
    • Configuring the user interface
    • Ajax
    • Javascript
    • CSS Stylesheet
    • Edition control
      • HTML form construction
      • Dissection of an entity form
      • The edit controller
      • Examples
    • The facets system
    • Internationalization
    • The property mecanism
    • HTTP cache management
    • Locate resources
  • Pyramid
    • Quick start
    • The ‘pyramid’ command
    • Settings
    • Authentication
    • The pyramid debug toolbar
  • Additional Services
    • Undoing changes in CubicWeb

➕ More

  • Appendixes
    • 1. Frequently Asked Questions (FAQ)
    • 2. Relation Query Language (RQL)
      • 2.1. Introduction
      • 2.2. RQL syntax
      • 2.3. Debugging RQL
      • 2.4. RQL usecases
      • 2.5. Implementation
    • 3. Introducing Mercurial
    • 4. Installation dependencies
    • 5. Javascript docstrings
  • Changelog
  • API
    • cubicweb
    • cubicweb.appobject
    • cubicweb.cwvreg
    • cubicweb.dataimport
    • cubicweb.predicates
    • cubicweb.pyramid
      • cubicweb.pyramid.auth
      • cubicweb.pyramid.bwcompat
      • cubicweb.pyramid.core
      • cubicweb.pyramid.login
      • cubicweb.pyramid.profile
      • cubicweb.pyramid.session
      • cubicweb.pyramid.url_redirection
    • cubicweb.req
    • cubicweb.rset
    • cubicweb.web.views.urlpublishing
    • cubicweb.web.views.urlrewrite
    • cubicweb.web
Theme by the Executable Book Project
  • .rst
Contents
  • Summary
  • Long description of the problem
  • Links on the development forge

Bug related to permissions for displaying reledit form

Contents

  • Summary
  • Long description of the problem
  • Links on the development forge

Bug related to permissions for displaying reledit form#

Summary#

There was a bug in the computation of permissions for relations in the context of displaying reledit form. It has been fixed in version 3.32 of CubicWeb.

Long description of the problem#

The method _should_edit_relation who chooses if the reledit form must or not be displayed. This is computed through the method cubicweb.schema.CubicWebRelationSchema.has_perm, which will (among others things) try to satisfy all RQL expressions for permissions.

In the case of a project, we have this:

my_relation = SubjectRelation(
    'MyEntity', cardinality='1*',
    composite='object', inlined=True,
    __permissions__=rperms('O'))

where

def rperms(var, read=('managers', 'users')):
    return {
        'read': read,
        'add': (
            'managers',
            RRQLExpression('U has_update_permission {}'.format(var))),
        'delete': (
            'managers',
            RRQLExpression('U has_delete_permission {}'.format(var))),
    }

This expression will generate a RQL request like Any O,U WHERE U has_update_permission O, O eid %(o)s, U eid %(u)s which will not be satisfied, because the eid of the object won’t be given by reledit.

In consequence, we have to find an other way to check permissions for reledit.

Links on the development forge#

  • issue: <https://forge.extranet.logilab.fr/cubicweb/cubicweb/-/issues/324>

  • fix: <https://forge.extranet.logilab.fr/cubicweb/cubicweb/-/merge_requests/313>

© Copyright 2001-2023, Logilab.
Last updated on May 23, 2023.