Give member access to its own events and tickets.

7f23608b · Romain Courteaud · b469825d · 7f23608b · 7f23608b · 7f23608b
Commit 7f23608b authored Jan 24, 2013 by Romain Courteaud
21 changed files
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/event_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/event_module.xml
@@ -4,6 +4,10 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
+  <role id='R-MEMBER'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
  <role id='zope'>
   <item>Owner</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/support_request_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/support_request_module.xml
@@ -4,6 +4,10 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
+  <role id='R-MEMBER'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
  <role id='zope'>
   <item>Owner</item>
  </role>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Acknowledgement.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Acknowledgement.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Event%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Event%20Module.xml
@@ -4,4 +4,9 @@
   <multi_property id='category'>group/company</multi_property>
   <multi_property id='base_category'>group</multi_property>
  </role>
+  <role id='Auditor; Author'>
+   <property id='title'>Member</property>
+   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='base_category'>role</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Fax%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Fax%20Message.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Letter.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Letter.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Mail%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Mail%20Message.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Note.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Note.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Phone%20Call.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Phone%20Call.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Short%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Short%20Message.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Site%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Site%20Message.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request%20Module.xml
@@ -4,4 +4,9 @@
   <multi_property id='category'>group/company</multi_property>
   <multi_property id='base_category'>group</multi_property>
  </role>
+  <role id='Auditor; Author'>
+   <property id='title'>Member</property>
+   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='base_category'>role</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination_decision</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Visit.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Visit.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Web%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Web%20Message.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Customer</property>
+   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>source</multi_property>
+  </role>
  <role id='Assignor'>
   <property id='title'>Group company</property>
   <multi_property id='category'>group/company</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeWorkflowChainTemplateItem/workflow_chain_type.xml
+++ b/master/bt5/slapos_erp5/PortalTypeWorkflowChainTemplateItem/workflow_chain_type.xml
 <workflow_chain>
+ <chain>
+  <type>Acknowledgement</type>
+  <workflow>local_permission_slapos_interaction_workflow</workflow>
+ </chain>
 <chain>
  <type>Computer</type>
  <workflow>local_permission_slapos_interaction_workflow</workflow>

--- a/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5GroupRoleSecurity.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5GroupRoleSecurity.py
@@ -1046,6 +1046,36 @@ class TestAcknowledgement(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Acknowledgement',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Acknowledgement',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestBankAccount(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.organisation_module.newContent(
@@ -1127,8 +1157,9 @@ class TestEventModule(TestSlapOSGroupRoleSecurityMixin):
  def test(self):
    module = self.portal.event_module
    self.assertSecurityGroup(module,
-        ['G-COMPANY', 'zope'], True)
+        ['G-COMPANY', 'R-MEMBER', 'zope'], True)
    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
+    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
    self.assertRoles(module, 'zope', ['Owner'])

 class TestFaxMessage(TestSlapOSGroupRoleSecurityMixin):
@@ -1141,6 +1172,36 @@ class TestFaxMessage(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Fax Message',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Fax Message',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestGadget(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.portal_gadgets.newContent(
@@ -1216,6 +1277,36 @@ class TestLetter(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Letter',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Letter',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.event_module.newContent(
@@ -1226,6 +1317,36 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Mail Message',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Mail Message',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestMeeting(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.meeting_module.newContent(
@@ -1254,6 +1375,36 @@ class TestNote(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Note',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Note',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestPhoneCall(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.event_module.newContent(
@@ -1264,6 +1415,36 @@ class TestPhoneCall(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Phone Call',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Phone Call',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestVisit(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.event_module.newContent(
@@ -1274,6 +1455,36 @@ class TestVisit(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Visit',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Visit',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestNotificationMessageModule(TestSlapOSGroupRoleSecurityMixin):
  def test(self):
    module = self.portal.notification_message_module
@@ -1392,6 +1603,36 @@ class TestShortMessage(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Short Message',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Short Message',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestSiteMessage(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.event_module.newContent(
@@ -1402,6 +1643,36 @@ class TestSiteMessage(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Site Message',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Site Message',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestWebMessage(TestSlapOSGroupRoleSecurityMixin):
  def test_GroupCompany(self):
    product = self.portal.event_module.newContent(
@@ -1412,12 +1683,43 @@ class TestWebMessage(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_SourceCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Web Message',
+        source_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
+  def test_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.event_module.newContent(
+        portal_type='Web Message',
+        destination_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestSupportRequestModule(TestSlapOSGroupRoleSecurityMixin):
  def test(self):
    module = self.portal.support_request_module
    self.assertSecurityGroup(module,
-        ['G-COMPANY', 'zope'], True)
+        ['G-COMPANY', 'R-MEMBER', 'zope'], True)
    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
+    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
    self.assertRoles(module, 'zope', ['Owner'])

 class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
@@ -1430,6 +1732,21 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
    self.assertRoles(product, self.user_id, ['Owner'])

+  def test_Customer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    product = self.portal.support_request_module.newContent(
+        portal_type='Support Request',
+        destination_decision_value=person,
+        )
+    product.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(product,
+        ['G-COMPANY', reference, self.user_id], False)
+    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(product, reference, ['Auditor'])
+    self.assertRoles(product, self.user_id, ['Owner'])
+
 class TestTransformationModule(TestSlapOSGroupRoleSecurityMixin):
  def test(self):
    module = self.portal.transformation_module

--- a/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
@@ -336,3 +336,255 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
    self.assertSecurityGroup(sale_invoice_transaction, [self.user_id,
        'G-COMPANY', self.person_user.getReference()],
        False)
+
+  def test_SupportRequest_setDestinationDecision(self):
+    self._makePerson()
+    support_request = self.portal.support_request_module.newContent(
+        portal_type='Support Request')
+    self.assertSecurityGroup(support_request, ['G-COMPANY', self.user_id], False)
+
+    support_request.edit(destination_decision=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(support_request, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Acknowledgement_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Acknowledgement')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Acknowledgement_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Acknowledgement')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_FaxMessage_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Fax Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_FaxMessage_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Fax Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Letter_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Letter')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Letter_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Letter')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_MailMessage_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Mail Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_MailMessage_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Mail Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Note_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Note')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Note_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Note')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_PhoneCall_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Phone Call')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_PhoneCall_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Phone Call')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_ShortMessage_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Short Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_ShortMessage_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Short Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_SiteMessage_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Site Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_SiteMessage_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Site Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Visit_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Visit')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_Visit_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Visit')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_WebMessage_setDestination(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Web Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(destination=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
+
+  def test_WebMessage_setSource(self):
+    self._makePerson()
+    event = self.portal.event_module.newContent(
+        portal_type='Web Message')
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
+
+    event.edit(source=self.person_user.getRelativeUrl())
+    transaction.commit()
+
+    self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
+        self.person_reference], False)
--- a/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interactions/Event_edit.xml
+++ b/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interactions/Event_edit.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="InteractionDefinition" module="Products.ERP5.Interaction"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>actbox_category</string> </key>
+            <value> <string>workflow</string> </value>
+        </item>
+        <item>
+            <key> <string>actbox_name</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>actbox_url</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>activate_script_name</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>after_script_name</string> </key>
+            <value>
+              <list>
+                <string>Base_updateAllLocalRoles</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>before_commit_script_name</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>guard</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Event_edit</string> </value>
+        </item>
+        <item>
+            <key> <string>method_id</string> </key>
+            <value>
+              <list>
+                <string>_setDestination.*</string>
+                <string>_setSource.*</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>once_per_transaction</string> </key>
+            <value> <int>0</int> </value>
+        </item>
+        <item>
+            <key> <string>portal_type_filter</string> </key>
+            <value>
+              <list>
+                <string>Acknowledgement</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>script_name</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>temporary_document_disallowed</string> </key>
+            <value> <int>1</int> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>trigger_type</string> </key>
+            <value> <int>2</int> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_erp5/bt/revision
+++ b/master/bt5/slapos_erp5/bt/revision
-157
\ No newline at end of file
+158
\ No newline at end of file
--- a/master/bt5/slapos_erp5/bt/template_portal_type_workflow_chain_list
+++ b/master/bt5/slapos_erp5/bt/template_portal_type_workflow_chain_list
+Acknowledgement | local_permission_slapos_interaction_workflow
 Computer Model | local_permission_slapos_interaction_workflow
 Computer Network | local_permission_slapos_interaction_workflow
 Computer | local_permission_slapos_interaction_workflow