Commit b18e860b authored by Romain Courteaud's avatar Romain Courteaud

Finish security configuration of the sale division.

Allow sale division to create all kinds of events.
Allow sale division to create persons and organisations.
Add a live test to check the use cases.
parent 31e65f49
...@@ -4,6 +4,10 @@ ...@@ -4,6 +4,10 @@
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Auditor</item>
<item>Author</item>
</role>
<role id='R-COMPUTER'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='R-MEMBER'> <role id='R-MEMBER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
......
...@@ -4,6 +4,10 @@ ...@@ -4,6 +4,10 @@
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Auditor</item>
<item>Author</item>
</role>
<role id='R-MEMBER'> <role id='R-MEMBER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='supergabriel'> <role id='supergabriel'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
...@@ -3,6 +3,9 @@ ...@@ -3,6 +3,9 @@
<role id='F-PRODUCTION_G-COMPANY'> <role id='F-PRODUCTION_G-COMPANY'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='F-SALE_G-COMPANY'>
<item>Assignor</item>
</role>
<role id='romain'> <role id='romain'>
<item>Owner</item> <item>Owner</item>
</role> </role>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Person" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_Access_contents_information_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Auditor</string>
<string>Author</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_Add_portal_content_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Author</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_Modify_portal_content_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Author</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_View_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Auditor</string>
<string>Author</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>__translation_dict</string> </key>
<value>
<dictionary/>
</value>
</item>
<item>
<key> <string>_count</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_mt_index</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>_tree</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
</value>
</item>
<item>
<key> <string>default_reference</string> </key>
<value> <string>test_sale_agent</string> </value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>first_name</string> </key>
<value> <string>Vifib Test</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>test_sale_agent</string> </value>
</item>
<item>
<key> <string>last_name</string> </key>
<value> <string>Sale</string> </value>
</item>
<item>
<key> <string>password</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAU=</string> </persistent>
</value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Person</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<global name="Length" module="BTrees.Length"/>
</pickle>
<pickle> <int>0</int> </pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="4" aka="AAAAAAAAAAQ=">
<pickle>
<global name="OOBTree" module="BTrees.OOBTree"/>
</pickle>
<pickle>
<none/>
</pickle>
</record>
<record id="5" aka="AAAAAAAAAAU=">
<pickle>
<global name="PersistentMapping" module="Persistence.mapping"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary>
<item>
<key> <string>default</string> </key>
<value> <string>{SSHA}45nzuib8NqsbP8Lctl2p3azUSRRloO/cYm5t</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
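Review bot: The `password` record of the new `test_sale_agent` Person ships a fixed `{SSHA}` hash, so every site that installs this template gets the same login credential. Through the `function/sale` + `group/company` Assignment added in the same commit, that login also receives the sale division local roles. `{SSHA}` is salted SHA-1, which is cheap to test offline once the hash is public in the repository, so the password should be treated as known. The path list suggests this lives next to other `test_*` accounts, but nothing visible here prevents the template from being installed on a production site. I would have the live test set the password during setup instead of exporting the hash, or at least state in the template description that it is for test instances only.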
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Assignment" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_Access_contents_information_Permission</string> </key>
<value>
<tuple>
<string>Assignor</string>
<string>Auditor</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_Modify_portal_content_Permission</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>_View_Permission</string> </key>
<value>
<tuple>
<string>Assignor</string>
<string>Auditor</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_identity_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
</value>
</item>
<item>
<key> <string>_range_criterion</string> </key>
<value>
<persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>group/company</string>
<string>function/sale</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>1</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Assignment</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string>Sale Division</string> </value>
</item>
</dictionary>
</pickle>
</record>
<record id="2" aka="AAAAAAAAAAI=">
<pickle>
<tuple>
<global name="PersistentMapping" module="Persistence.mapping"/>
<tuple/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record id="3" aka="AAAAAAAAAAM=">
<pickle>
<tuple>
<global name="PersistentMapping" module="Persistence.mapping"/>
<tuple/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>data</string> </key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Career" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_Access_contents_information_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Auditor</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_Modify_portal_content_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>_View_Permission</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Auditor</string>
<string>Manager</string>
<string>Owner</string>
</tuple>
</value>
</item>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>role/internal</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>default_career</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Career</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Email" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>coordinate_text</string> </key>
<value> <string>test_sale_agent@vifib.com</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>default_email</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Email</string> </value>
</item>
<item>
<key> <string>sid</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>url_string</string> </key>
<value>
<none/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<type_roles>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
...@@ -9,6 +9,13 @@ ...@@ -9,6 +9,13 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor; Author'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>SlapOS Master Operation</property> <property id='title'>SlapOS Master Operation</property>
<multi_property id='category'>function/production</multi_property> <multi_property id='category'>function/production</multi_property>
......
...@@ -4,6 +4,13 @@ ...@@ -4,6 +4,13 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>SlapOS Master Operation</property> <property id='title'>SlapOS Master Operation</property>
<multi_property id='category'>function/production</multi_property> <multi_property id='category'>function/production</multi_property>
......
...@@ -4,6 +4,13 @@ ...@@ -4,6 +4,13 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor; Author'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>SlapOS Master Operation</property> <property id='title'>SlapOS Master Operation</property>
<multi_property id='category'>function/production</multi_property> <multi_property id='category'>function/production</multi_property>
......
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>SlapOS Master Operation</property> <property id='title'>SlapOS Master Operation</property>
<multi_property id='category'>function/production</multi_property> <multi_property id='category'>function/production</multi_property>
......
<type_roles>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignor'>
<property id='title'>Sale division</property>
<multi_property id='category'>function/sale</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
##############################################################################
#
# Copyright (c) 2011 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
##############################################################################
from VifibMixin import testVifibMixin
from AccessControl import Unauthorized
from Products.ERP5Type.tests.SecurityTestCase import SecurityTestCase
sale_login_id = 'test_sale_agent'
member_login_id = 'test_vifib_customer'
class TestVifibCRMSecurity(testVifibMixin, SecurityTestCase):
def getTitle(self):
return "Vifib CRM Security"
def test_CampaignSecurity(self):
"""
Sale division should be able to manage campaign.
Anonymous/member has no permission to any campaign.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the campaign module through restrictedTraverse
# This will test the security of the module
campaign_module_id = self.portal.getDefaultModuleId(portal_type='Campaign')
campaign_module = self.portal.restrictedTraverse(campaign_module_id)
# Add campaign
campaign = campaign_module.newContent(portal_type='Campaign')
# Edit the campaign
campaign.edit(
title='Test Vifib Campaign',
)
campaign_relative_url = campaign.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=campaign_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor", campaign)
self.logout()
# Member
self.login(user_name=member_login_id)
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[campaign_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=campaign_relative_url)))
self.logout()
# Anonymous
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[campaign_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=campaign_relative_url)))
def test_SupportRequestSecurity(self):
"""
Sale division should be able to manage support request.
Anonymous/member has no permission to any support request.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the support_request module through restrictedTraverse
# This will test the security of the module
support_request_module_id = self.portal.getDefaultModuleId(
portal_type='Support Request')
support_request_module = self.portal.restrictedTraverse(
support_request_module_id)
# Add support_request
support_request = support_request_module.newContent(
portal_type='Support Request')
# Edit the support_request
support_request.edit(
title='Test Vifib Support Request',
)
support_request_relative_url = support_request.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=support_request_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor",
support_request)
self.logout()
# Member
self.login(user_name=member_login_id)
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[support_request_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=support_request_relative_url)))
self.logout()
# Anonymous
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[support_request_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=support_request_relative_url)))
def test_NotificationMessageSecurity(self):
"""
Sale division should be able to manage notification message.
Anonymous/member has no permission to any notification message.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the notification_message module through restrictedTraverse
# This will test the security of the module
notification_message_module_id = self.portal.getDefaultModuleId(
portal_type='Notification Message')
notification_message_module = self.portal.restrictedTraverse(
notification_message_module_id)
# Add notification_message
notification_message = notification_message_module.newContent(
portal_type='Notification Message')
# Edit the notification_message
notification_message.edit(
title='Test Vifib Notification Message',
)
notification_message_relative_url = notification_message.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=notification_message_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor",
notification_message)
self.logout()
# Member
self.login(user_name=member_login_id)
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[notification_message_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=notification_message_relative_url)))
self.logout()
# Anonymous
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[notification_message_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=notification_message_relative_url)))
def test_EventSecurity(self):
"""
Sale division should be able to manage event.
Anonymous/member has no permission to any event.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the event module through restrictedTraverse
# This will test the security of the module
event_module_id = self.portal.getDefaultModuleId(
portal_type='Fax Message')
event_module = self.portal.restrictedTraverse(
event_module_id)
self.logout()
for portal_type in self.portal.getPortalEventTypeList():
# Sale division
self.login(user_name=sale_login_id)
# Add event
event = event_module.newContent(
portal_type=portal_type)
# Edit the event
event.edit(
title='Test Vifib %s' % portal_type,
)
event_relative_url = event.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=event_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor", event)
self.logout()
# Member
self.login(user_name=member_login_id)
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[event_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=event_relative_url)))
self.logout()
# Anonymous
self.assertRaises(Unauthorized,
self.portal.restrictedTraverse,
[event_module_id]
)
self.assertEquals(0, len(self.portal.portal_catalog(
relative_url=event_relative_url)))
def test_PersonSecurity(self):
"""
Sale division should be able to manage person.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the person module through restrictedTraverse
# This will test the security of the module
person_module_id = self.portal.getDefaultModuleId(
portal_type='Person')
person_module = self.portal.restrictedTraverse(
person_module_id)
# Add person
person = person_module.newContent(
portal_type="Person")
# Edit the person
person.edit(
title='Test Vifib Person'
)
person_relative_url = person.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=person_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor", person)
self.logout()
def test_OrganisationSecurity(self):
"""
Sale division should be able to manage organisation.
"""
# Sale division
self.login(user_name=sale_login_id)
# Try to acceed the organisation module through restrictedTraverse
# This will test the security of the module
organisation_module_id = self.portal.getDefaultModuleId(
portal_type='Organisation')
organisation_module = self.portal.restrictedTraverse(
organisation_module_id)
# Add organisation
organisation = organisation_module.newContent(
portal_type="Organisation")
# Edit the organisation
organisation.edit(
title='Test Vifib Organisation'
)
organisation_relative_url = organisation.getRelativeUrl()
self.stepTic()
self.assertEquals(1, len(self.portal.portal_catalog(
relative_url=organisation_relative_url)))
# XXX TODO: test real CRM use case related to the security
self.assertUserHaveRoleOnDocument(sale_login_id, "Assignor", organisation)
self.logout()
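Review bot: `test_PersonSecurity` and `test_OrganisationSecurity` only exercise the positive path, unlike the four tests above them. Nothing checks what `member_login_id` or Anonymous can do with the person or organisation the sale agent just created, so an over-broad grant on these two portal types would still pass. Members presumably keep access to the person module itself, so the module-level `assertRaises(Unauthorized, ...)` pattern may not fit here; a document-level check such as `self.failIfUserCanViewDocument(member_login_id, person)` after the `assertUserHaveRoleOnDocument` line would cover it. The same helper on the created campaign, support request, notification message and events would tighten the other tests, which currently rely on module traversal and catalog filtering only.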
236 237
\ No newline at end of file \ No newline at end of file
accounting_module accounting_module
event_module
notification_message_module
support_request_module
business_process_module business_process_module
business_process_module/erp5_default_business_process business_process_module/erp5_default_business_process
campaign_module campaign_module
...@@ -10,8 +7,10 @@ computer_module/test_computer ...@@ -10,8 +7,10 @@ computer_module/test_computer
credential_update_module credential_update_module
currency_module currency_module
currency_module/EUR currency_module/EUR
event_module
hosting_subscription_module hosting_subscription_module
internal_packing_list_module internal_packing_list_module
notification_message_module
open_sale_order_module open_sale_order_module
organisation_module organisation_module
organisation_module/vifib_internet organisation_module/vifib_internet
...@@ -36,4 +35,5 @@ software_instance_module ...@@ -36,4 +35,5 @@ software_instance_module
software_product_module software_product_module
software_product_module/test_software_product software_product_module/test_software_product
software_release_module software_release_module
software_release_module/test_software_release software_release_module/test_software_release
\ No newline at end of file support_request_module
\ No newline at end of file
person_module/test_hr_admin person_module/test_hr_admin
person_module/test_hr_admin/** person_module/test_hr_admin/**
person_module/test_sale_agent
person_module/test_sale_agent/**
person_module/test_updated_vifib_user person_module/test_updated_vifib_user
person_module/test_vifib_admin person_module/test_vifib_admin
person_module/test_vifib_admin/** person_module/test_vifib_admin/**
......
Accounting Transaction Accounting Transaction
Accounting Transaction Module Accounting Transaction Module
Acknowledgement
Assignment Assignment
Business Process Business Process
Business Process Module Business Process Module
...@@ -38,6 +39,8 @@ Sale Trade Condition ...@@ -38,6 +39,8 @@ Sale Trade Condition
Sale Trade Condition Module Sale Trade Condition Module
Service Service
Service Module Service Module
Short Message
Site Message
Slave Instance Slave Instance
Software Instance Software Instance
Software Instance Module Software Instance Module
...@@ -47,4 +50,5 @@ Software Release ...@@ -47,4 +50,5 @@ Software Release
Software Release Module Software Release Module
Support Request Support Request
Support Request Module Support Request Module
Visit Visit
\ No newline at end of file Web Message
\ No newline at end of file
Accounting Transaction Accounting Transaction
Fax Message
Letter
Mail Message
Note
Notification Message
Phone Call
Support Request
Visit
Event Module
Notification Message Module
Support Request Module
Accounting Transaction Module Accounting Transaction Module
Acknowledgement
Assignment Assignment
Business Process Business Process
Business Process Module Business Process Module
...@@ -21,16 +11,24 @@ Computer Module ...@@ -21,16 +11,24 @@ Computer Module
Credential Update Module Credential Update Module
Currency Currency
Currency Module Currency Module
Event Module
Fax Message
Hosting Subscription Hosting Subscription
Hosting Subscription Module Hosting Subscription Module
Internal Packing List Internal Packing List
Internal Packing List Module Internal Packing List Module
Letter
Mail Message
Note
Notification Message
Notification Message Module
Open Sale Order Open Sale Order
Open Sale Order Module Open Sale Order Module
Organisation Organisation
Organisation Module Organisation Module
Person Person
Person Module Person Module
Phone Call
Purchase Packing List Purchase Packing List
Purchase Packing List Module Purchase Packing List Module
Sale Order Sale Order
...@@ -41,10 +39,16 @@ Sale Trade Condition ...@@ -41,10 +39,16 @@ Sale Trade Condition
Sale Trade Condition Module Sale Trade Condition Module
Service Service
Service Module Service Module
Short Message
Site Message
Slave Instance Slave Instance
Software Instance Software Instance
Software Instance Module Software Instance Module
Software Product Software Product
Software Product Module Software Product Module
Software Release Software Release
Software Release Module Software Release Module
\ No newline at end of file Support Request
Support Request Module
Visit
Web Message
\ No newline at end of file
testVifibPersonSecurity testVifibPersonSecurity
testVifibCRMSecurity
testVifibModuleSecurity testVifibModuleSecurity
testVifibUserAdmin testVifibUserAdmin
testVifibUserCustomer testVifibUserCustomer
......