cubicweb #2920304 [security] add a security debugging tool [validation pending]

DBG_SECURITY & al.

def test_contract_config_update(self):
    with self.perm_checker() as t:
        from cubicweb.server import DBG_SEC, debugged, tunesecurity
        with debugged(DBG_SEC):
            with tunesecurity(items=('rolling_dates',),
                              capabilities=('update',)):
                ccf = t.efi(self.ccf)
                cc = ccf.reverse_commodity_config[0]
                cc.set_attributes(rolling_dates_offset=42)
                t.commit()

Would yield:

check_perm: 'update' 'attribute ContractConfig.rolling_dates_offset[Int]' [(ERQLExpression(Any X WHERE U has_update_permission X, X eid %(x)s, U eid %(u)s), {'eid': 2167}, True)]
prioritynormal
typeenhancement
appeared in<not specified>
done in3.18.0
load1.000
load left0.000
closed by#1b549c1acd4f [schema,server] add a security debugging aid (closes #2920304)
patch[querier/security] instrument a bit the querier read security checks [applied][schema,server] add a security debugging aid (closes #2920304) [applied]

Workflow history

from state (6)to statecommentdateUser
donevalidation pending2014/01/10 17:54 UTCnarval
opendone2013/07/09 15:37 UTC 
waiting feedbackopen

enough feedback now

2013/06/07 10:00 UTCacampeas
openwaiting feedback

please provided ticket with descently detailled content. It is hard enough to manage the current amount of ticket we have.

2013/06/05 09:32 UTCpydavid
waiting feedbackopen

You'll see it in the patch. Please don't bother people with pointless questions 'till it is time to do so.

2013/06/05 09:16 UTCacampeas
openwaiting feedback

please details the information that this debug flag is expected provides

2013/06/05 08:27 UTCpydavid
tagged by

Ticket #2920304 - latest update on 2014/01/10, created on 2013/06/04 by Aurelien Campeas