Rename parameter of hasPermission

schlatterbeck · schlatterbeck · commit f18687fc5330 · 2024-10-24T09:19:25.000+02:00
Rename only_no_check to skip_permissions_with_check.
Revert explicit no-properties check in Permission.searchable, this check
is already taken care of by the _properties_dict check. Add a comment on
what _properties_dict does.
diff --git a/roundup/hyperdb.py b/roundup/hyperdb.py
@@ -1817,7 +1817,7 @@ def filter_with_permissions(self, search_matches, filterspec, sort=[],
         item_ids = self.filter(search_matches, filterspec, sort, group,
                                retired, exact_match_spec, limit, offset)
         check = sec.hasPermission
-        if check(permission, userid, cn, only_no_check = True):
+        if check(permission, userid, cn, skip_permissions_with_check = True):
             allowed = item_ids
         else:
             debug = self.db.config.RDBMS_DEBUG_FILTER
diff --git a/roundup/security.py b/roundup/security.py
@@ -122,6 +122,8 @@ def test(self, db, permission, classname, property, userid, itemid):
             return 0
 
         # what about property?
+        # Note that _properties_dict always returns True if it was
+        # initialized with empty properties
         if property is not None and not self._properties_dict[property]:
             return 0
 
@@ -159,11 +161,9 @@ def searchable(self, classname, property):
         if self.check:
             return 0
 
-        # Allow if we have access to *all* properties
-        if self.properties is None:
-            return 1
-
         # what about property?
+        # Note that _properties_dict always returns True if it was
+        # initialized with empty properties
         if not self._properties_dict[property]:
             return 0
 
@@ -362,7 +362,8 @@ def getPermission(self, permission, classname=None, properties=None,
                                                                   classname))
 
     def hasPermission(self, permission, userid, classname=None,
-                      property=None, itemid=None, only_no_check=False):
+                      property=None, itemid=None,
+                      skip_permissions_with_check=False):
         '''Look through all the Roles, and hence Permissions, and
            see if "permission" exists given the constraints of
            classname, property, itemid, and props_only.
@@ -398,7 +399,7 @@ def hasPermission(self, permission, userid, classname=None,
         # expensive than the ones without. So we check the ones without
         # a check method first
         checklist = (False, True)
-        if only_no_check:
+        if skip_permissions_with_check:
             checklist = (False,)
         for has_check in checklist:
             for rolename in self.db.user.get_roles(userid):
