Commit 06534a56 authored by Romain Courteaud's avatar Romain Courteaud

Give read access on Payment Transaction to user.

parent 246e3724
...@@ -10,4 +10,10 @@ ...@@ -10,4 +10,10 @@
<property id='base_category_script'>PaymentTransactionType_getSecurityCategoryFromUser</property> <property id='base_category_script'>PaymentTransactionType_getSecurityCategoryFromUser</property>
<multi_property id='base_category'>aggregate</multi_property> <multi_property id='base_category'>aggregate</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -881,9 +881,28 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -881,9 +881,28 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference shadow_reference = 'SHADOW-%s' % reference
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, shadow_reference], False) ['G-COMPANY', self.user_id, reference, shadow_reference], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_reference, ['Auditor']) self.assertRoles(product, shadow_reference, ['Auditor'])
self.assertRoles(product, reference, ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_User(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
product.edit(
destination_section_value=person,
)
product.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, reference, shadow_reference], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_reference, ['Auditor'])
self.assertRoles(product, reference, ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
class TestPurchaseInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin): class TestPurchaseInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
......
...@@ -276,7 +276,8 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -276,7 +276,8 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
transaction.commit() transaction.commit()
self.assertSecurityGroup(payment_transaction, [self.user_id, self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getReference()], 'G-COMPANY', 'SHADOW-%s' % self.person_user.getReference(),
self.person_user.getReference()],
False) False)
def test_PayzenEvent_setDestinationSection(self): def test_PayzenEvent_setDestinationSection(self):
......
153 154
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment