Class tigrbl.orm.mixins.ownable.Ownable
tigrbl.orm.mixins.ownable.Ownable
Mixin that adds an owner_id
column and installs v3 hooks to enforce ownership policy.
Policy (per __tigrbl_owner_policy__
):
• CLIENT_SET: client may provide owner_id
; if missing, we leave it as-is.
• DEFAULT_TO_USER: if owner_id
missing, default to ctx user; if provided, keep it.
• STRICT_SERVER: always enforce owner_id = ctx user
; reject mismatches.
Hooks (installed at class creation via init_subclass):
• PRE_TX_BEGIN on "create": normalize/enforce owner_id
in ctx.env.params & ctx.payload
• PRE_TX_BEGIN on "update": forbid changing owner_id
unless CLIENT_SET and matches ctx user
(note: if you need to compare with the existing DB value, do that in POST_HANDLER where
your core sets ctx["result"] or fetch the row here — this version validates intent only)
owner_id
owner_id()
Source code in tigrbl/orm/mixins/ownable.py
127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 |
|