cubicweb #4740310 [security] "update" operation checked when updating an entity created in the same tx [validation pending]

To be confirmed.

I dont see why:

with cnx:
  cnx.create_entity('Elephant', name=u'Babar')
  cnx.commit()

would succeed, whereas:

with cnx:
  b = cnx.create_entity('Elephant')
  b.cw_set(name=u'Babar')
  cnx.commit()

would fail, if we had the following permissions for "name":

{'add': ('managers', 'users'),
 'update': ()}
prioritynormal
typebug
done in3.19.7
load left0.000
closed by#6f4b4567b77d [security] check attributes: dispatch on the "add" action if entity was just created
patch[security] check attributes: dispatch on the "add" action if entity was just created [folded][security] exhibit non-equivalence of two ways to create an entity [applied]