Commit d3964abe authored by Romain Courteaud's avatar Romain Courteaud

Add Computer Network security configuration.

parent cebe77f4
<local_roles_item>
<local_roles>
<role id='R-MEMBER'>
<item>Auditor</item>
<item>Author</item>
</role>
<role id='zope'>
<item>Owner</item>
</role>
</local_roles>
</local_roles_item>
\ No newline at end of file
......@@ -2,4 +2,7 @@
<portal_type id="Computer">
<item>source_administration</item>
</portal_type>
<portal_type id="Computer Network">
<item>source_administration</item>
</portal_type>
</base_category_list>
\ No newline at end of file
<type_roles>
<role id='Auditor; Author'>
<property id='title'>Member</property>
<multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignee'>
<property id='title'>Computer Agent</property>
<property id='description'>Monovalued role</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='base_category'>source_administration</multi_property>
</role>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
......@@ -3,6 +3,10 @@
<type>Computer</type>
<workflow>local_permission_vifib_interaction_workflow</workflow>
</chain>
<chain>
<type>Computer Network</type>
<workflow>local_permission_vifib_interaction_workflow</workflow>
</chain>
<chain>
<type>Hosting Subscription</type>
<workflow>local_permission_vifib_interaction_workflow</workflow>
......
# Copyright (c) 2012 Nexedi SA and Contributors. All Rights Reserved.
import unittest
from Products.Vifib.tests.testVifibSlapWebService import \
TestVifibSlapWebServiceMixin
READ = 'Access contents information'
VIEW = 'View'
ADD = 'Add portal content'
WRITE = 'Modify portal content'
OTHER_AUDITOR = [
'Access Transient Objects',
'Access session data',
'Copy or Move',
'List folder contents',
'View History'
]
OTHER_AUTHOR = [
'Add portal folders',
]
class TestVifibComputerNetworkSecurity(TestVifibSlapWebServiceMixin):
def generateNewId(self):
return self.getPortalObject().portal_ids.generateNewId(
id_group=('slapos_core_test'))
def getTitle(self):
return "Test Vifib Computer Network Security"
def createMemberUser(self):
portal = self.getPortalObject()
new_id = self.generateNewId()
# Clone person document
person_user = portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
person_user.edit(
title="live_test_%s" % new_id,
reference="live_test_%s" % new_id,
default_email_text="live_test_%s@example.org" % new_id,
)
person_user.validate()
for assignment in person_user.contentValues(portal_type="Assignment"):
assignment.open()
return person_user
def afterSetUp(self):
pass
def beforeTearDown(self):
pass
def _getLocalRoles(self, context):
return [x[0] for x in context.get_local_roles()]
def _permissionsOfRole(self, context, role):
return [x['name'] for x in context.permissionsOfRole(role) \
if x['selected'] == 'SELECTED']
def assertPermissionsOfRole(self, context, role, permission_list):
self.assertSameSet(
permission_list,
self._permissionsOfRole(context, role))
def assertSecurityGroup(self, context, security_group_list, acquired):
self.assertEquals(acquired, context._getAcquireLocalRoles())
self.assertSameSet(
security_group_list,
self._getLocalRoles(context)
)
def assertRoles(self, context, security_group, role_list):
self.assertSameSet(
role_list,
context.get_local_roles_for_userid(security_group)
)
def test_ComputerNetworkModuleLocalRoles(self):
module = self.portal.computer_network_module
self.assertSecurityGroup(module, ['R-MEMBER', 'zope'], False)
self.assertRoles(module, 'R-MEMBER', ['Author', 'Auditor'])
self.assertRoles(module, 'zope', ['Owner'])
def test_ComputerNetworkModulePermissions(self):
module = self.portal.computer_network_module
self.assertPermissionsOfRole(module, 'Owner', [])
self.assertPermissionsOfRole(module, 'Auditor',
[READ, VIEW] + OTHER_AUDITOR)
self.assertPermissionsOfRole(module, 'Author',
[READ, ADD] + OTHER_AUDITOR + OTHER_AUTHOR)
def test_ComputerNetworkLocalRoles(self):
module = self.portal.computer_network_module
network = module.newContent(portal_type="Computer Network")
self.assertSecurityGroup(network, ['ERP5TypeTestCase', 'G-COMPANY'], False)
self.assertRoles(network, 'ERP5TypeTestCase', ['Owner'])
self.assertRoles(network, 'G-COMPANY', ['Assignor'])
# Setting source administration give person the assignee role
person = self.createMemberUser()
network.edit(source_administration_value=person)
self.assertSecurityGroup(network,
['ERP5TypeTestCase', 'G-COMPANY', person.getReference()], False)
self.assertRoles(network, person.getReference(), ['Assignee'])
def test_ComputerNetworkPermission(self):
module = self.portal.computer_network_module
network = module.newContent(portal_type="Computer Network")
# Check draft state
self.assertEquals('draft', network.getValidationState())
self.assertPermissionsOfRole(network, 'Owner',
[READ, VIEW, ADD, WRITE])
self.assertPermissionsOfRole(network, 'Assignor',
[READ, VIEW, ADD, WRITE])
self.assertPermissionsOfRole(network, 'Assignee',
[READ, VIEW, ADD, WRITE])
# Check validated state
network.validate()
self.assertEquals('validated', network.getValidationState())
self.assertPermissionsOfRole(network, 'Owner', [])
self.assertPermissionsOfRole(network, 'Assignor',
[READ, VIEW, ADD, WRITE])
self.assertPermissionsOfRole(network, 'Assignee',
[READ, VIEW, ADD, WRITE])
def test_suite():
suite = unittest.TestSuite()
suite.addTest(unittest.makeSuite(TestVifibComputerNetworkSecurity))
return suite
......@@ -69,6 +69,7 @@
<value>
<list>
<string>Computer</string>
<string>Computer Network</string>
<string>Internal Packing List</string>
<string>Purchase Packing List</string>
</list>
......
459
\ No newline at end of file
460
\ No newline at end of file
......@@ -17,6 +17,7 @@ business_process_module/vifib_sale_business_process
campaign_module
component_module
computer_module
computer_network_module
credential_update_module
currency_module
currency_module/EUR
......
......@@ -4,6 +4,7 @@ account_module/capital
account_module/coll_vat
account_module/equipments
account_module/inventories
computer_network_module
account_module/payable
account_module/profit_loss
account_module/purchase
......
Computer Network | source_administration
Computer | source_administration
\ No newline at end of file
......@@ -16,6 +16,8 @@ Component
Component Module
Computer
Computer Module
Computer Network
Computer Network Module
Computer Partition
Contribution Tool
Credential Update Module
......
Account
Account Module
Computer Network
Computer Network Module
Accounting Period
Accounting Transaction
Accounting Transaction Module
......
Computer Network | local_permission_vifib_interaction_workflow
Computer | local_permission_vifib_interaction_workflow
Hosting Subscription | local_permission_vifib_interaction_workflow
Internal Packing List | local_permission_vifib_interaction_workflow
......
......@@ -4,5 +4,6 @@ testVifibModuleSecurity
testVifibUserAdmin
testVifibUserCustomer
testVifibUserDeveloper
testVifibComputerNetworkSecurity
testVifibConstraint
testVifibPayZen
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment