cubicweb #2932033 [security] consider operation checking only in securityafterupdateentity hook [validation pending]

As of today, the entity is checked in the hook, and if Unauthorized the check is deferred to an Operation (hoping that things will work better at this time).

I contend that this strategy is too costly for the case when only an operation will yield a successful permission check, and that this case is quite common.

I propose we drop the immediate permission check and only defer to the operation.

prioritynormal
typeenhancement
done in3.18.0
load0.500
load left0.000
closed by#e1369f2dba79 [hooks/security] Defer entity permission checks to an Operation.
patch[doc/book/security] update description of entity update (Related to #2932033) [applied][hooks/security] Defer entity permission checks [applied]