cubicweb #3579277 entity.cw_unrelated_rql considers constraints involving unreadable relations [rejected]
Entity method cw_unrelated_rql iterates on rql constraints to be included in the resulting rql but does not check the permissions of relations involved in each constraint. Hence, even if an unreadable relation is involved in a constraint, the constraint will be included in the resulting rql.
This poses problem during the rendering of an edition form of an entity involving such constraints, because an Unauthorized is raised, despite the 'modify' action appears in primary view.
|done in||<not specified>|
|closed by||<not specified>|
|patch||Check read permission of relations in constraints in cw_unrelated_rql entity method [rejected]|