[schema/optimization] Wrap rql expressions into EXISTS node when checking individual permissions

Some RQL expression may retrieve several results. It makes sense to wrap them into an EXISTS node to optimized things a bit. This is already done by security insertion of 'read' rql expressions.

[schema/optimization] Wrap rql expressions into EXISTS node when checking individual permissions
Some RQL expression may retrieve several results. It makes sense to wrap them into an EXISTS node to optimized things a bit. This is already done by security insertion of 'read' rql expressions.
65f8c2c5 · Sylvain Thénault · 002007272a76 · dfcc3f74 · dfcc3f74
Commit 65f8c2c5 authored Nov 21, 2016 by Sylvain Thénault
--- a/cubicweb/schema.py
+++ b/cubicweb/schema.py
@@ -325,6 +325,7 @@ class RQLExpression(object):
                keyarg = None
            rqlst.recover()
            return rql, found, keyarg
+        rqlst.where = nodes.Exists(rqlst.where)
        return rqlst.as_string(), None, None

    def _check(self, _cw, **kwargs):

--- a/cubicweb/test/unittest_schema.py
+++ b/cubicweb/test/unittest_schema.py
@@ -575,5 +575,31 @@ class CompositeSchemaTC(CubicWebTC):
                                         for r, role in schema[etype].composite_rdef_roles]))


+class CWShemaTC(CubicWebTC):
+
+    def test_transform_has_permission_match(self):
+        with self.admin_access.repo_cnx() as cnx:
+            eschema = cnx.vreg.schema['EmailAddress']
+            rql_exprs = eschema.get_rqlexprs('update')
+            self.assertEqual(len(rql_exprs), 1)
+            self.assertEqual(rql_exprs[0].expression,
+                             'P use_email X, U has_update_permission P')
+            rql, found, keyarg = rql_exprs[0].transform_has_permission()
+            self.assertEqual(rql, 'Any X,P WHERE P use_email X, X eid %(x)s')
+            self.assertEqual(found, [(u'update', 1)])
+            self.assertEqual(keyarg, None)
+
+    def test_transform_has_permission_no_match(self):
+        with self.admin_access.repo_cnx() as cnx:
+            eschema = cnx.vreg.schema['EmailAddress']
+            rql_exprs = eschema.get_rqlexprs('read')
+            self.assertEqual(len(rql_exprs), 1)
+            self.assertEqual(rql_exprs[0].expression,
+                             'U use_email X')
+            rql, found, keyarg = rql_exprs[0].transform_has_permission()
+            self.assertEqual(rql, 'Any X WHERE EXISTS(U use_email X, X eid %(x)s, U eid %(u)s)')
+            self.assertEqual(found, None)
+            self.assertEqual(keyarg, None)
+
 if __name__ == '__main__':
    unittest_main()