The previous test did not make sense, because the superuser was in use. Also,...

The previous test did not make sense, because the superuser was in use. Also, the test was revised to follow Jean-Paul's opinion. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16641 20353a03-c40f-0410-a6d1-a30d3c3de9de

The previous test did not make sense, because the superuser was in use. Also,...
The previous test did not make sense, because the superuser was in use. Also, the test was revised to follow Jean-Paul's opinion. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16641 20353a03-c40f-0410-a6d1-a30d3c3de9de
41403443 · Yoshinori Okuji · 0fdf670a · 41403443
Commit 41403443 authored Sep 27, 2007 by Yoshinori Okuji
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 3 deletions

product/ERP5Type/tests/testERP5Type.py product/ERP5Type/tests/testERP5Type.py +33 -3

No files found.
--- a/product/ERP5Type/tests/testERP5Type.py
+++ b/product/ERP5Type/tests/testERP5Type.py
@@ -1142,21 +1142,51 @@ class TestPropertySheet:
      """
      if not run: return
      from AccessControl import getSecurityManager
-      user = getSecurityManager().getUser()
      portal = self.getPortal()
+
+      # Make a plain user.
+      uf = portal.acl_users
+      uf._doAddUser('yo', '', [], [])
+      user = uf.getUserById('yo').__of__(uf)
+
      person_module = self.getPersonModule()
      person = person_module.newContent(portal_type='Person', title='foo')
      person.manage_permission('View', roles=['Auditor'], acquire=0)

+      # The user may not view the person object.
      get_transaction().commit() ; self.tic()
      self.assertTrue('Auditor' not in user.getRolesInContext(person))
-      self.assertEquals(len(person_module.searchFolder()), 0)
+      self.logout()
+      newSecurityManager(None, user)
+      self.assertEquals(len(person_module.searchFolder(id=person.getId())), 0)
+      self.logout()
+      self.login()

+      # Now allow him to view it.
      person_module.manage_addLocalRoles(user.getId(), ['Auditor'])

+      # This might look odd (indeed it is), but the catalog should not
+      # reflect the security change, until the affected objects are
+      # reindexed, and Jean-Paul believes that this should not be
+      # automatic.
      get_transaction().commit() ; self.tic()
      self.assertTrue('Auditor' in user.getRolesInContext(person))
-      self.assertEquals(len(person_module.searchFolder()), 1)
+      self.logout()
+      newSecurityManager(None, user)
+      self.assertEquals(len(person_module.searchFolder(id=person.getId())), 0)
+      self.logout()
+      self.login()
+
+      # Now invoke the reindexing explicitly, so the catalog should be
+      # synchronized.
+      person_module.recursiveReindexObject()
+      get_transaction().commit() ; self.tic()
+      self.assertTrue('Auditor' in user.getRolesInContext(person))
+      self.logout()
+      newSecurityManager(None, user)
+      self.assertEquals(len(person_module.searchFolder(id=person.getId())), 1)
+      self.logout()
+      self.login()

    def test_23_titleIsNotDefinedByDefault(self, quiet=quiet, run=run_all_test):
      """