From 4f275edf6d4488a0a0f7d3bfbfc74977eed05b50 Mon Sep 17 00:00:00 2001 From: Nicolas Delaby <nicolas@nexedi.com> Date: Fri, 8 Feb 2008 12:46:34 +0000 Subject: [PATCH] Test Security Cataloging with ERP5Security git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19173 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5Catalog/tests/testERP5Catalog.py | 67 ++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/product/ERP5Catalog/tests/testERP5Catalog.py b/product/ERP5Catalog/tests/testERP5Catalog.py index ef0c01fd42..08bf2b7ede 100644 --- a/product/ERP5Catalog/tests/testERP5Catalog.py +++ b/product/ERP5Catalog/tests/testERP5Catalog.py @@ -1708,6 +1708,73 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor): local_roles='Assignee')[0][0]) + def test_50_bis_LocalRolesArgumentWithERP5Security(self, quiet=quiet, run=run_all_test): + """test local_roles= argument with ERP5Security + """ + if not run: return + if not quiet: + message = 'local_roles= argument with ERP5Security' + ZopeTestCase._print('\n%s ' % message) + LOG('Testing... ',0,message) + login = PortalTestCase.login + #Testing Security By ERP5Security Role Generation + #Create Categories and PortalType RoleInformation + self.login() + folder = self.getOrganisationModule() + ob1 = folder.newContent(title='Object Title') + ob2 = folder.newContent(title='Object Title') + ob2.manage_addLocalRoles('bob', ['Assignee']) + cat_tool = self.getPortal().portal_categories + cat_tool.group.newContent(id='company', portal_type='Category') + cat_tool.function.newContent(id='employee', portal_type='Category') + + from Products.ERP5Type.RoleInformation import RoleInformation + role_auditor_inf = RoleInformation(id='Auditor', + title='Auditor', + category=('group/company',)) + role_assignee_inf = RoleInformation(id='Assignee', + title='Assignee', + category=('group/company', + 'function/employee',)) + + pt = self.getPortal().portal_types.Organisation + pt._roles = (role_auditor_inf, role_assignee_inf) + + uf = self.getPortal().acl_users + uf._doAddUser('bob', '', ['Member'], []) + get_transaction().commit() + self.tic() + #Now Update Security + ob1.updateLocalRolesOnSecurityGroups() + ob1.manage_permission('View', ['Auditor', 'Assignor'], 0) + ob1.reindexObject() + #Remove Roles On Organisation Portal Type + pt._roles = () + get_transaction().commit() + self.tic() + login(self, 'bob') + ctool = self.getCatalogTool() + user = getSecurityManager().getUser() + user._groups.update({'company':1, + 'employee_company':1}) + self.assertTrue(user.has_permission('View', ob1)) + self.assertTrue(user.has_role('Auditor', ob1)) + self.assertTrue(user.has_role('Assignee', ob1)) + self.assertFalse(user.has_role('Assignor', ob1)) + from AccessControl.PermissionRole import rolesForPermissionOn + self.assertTrue('Assignee' not in rolesForPermissionOn('View', ob1)) + self.assertEquals(2, len(ctool(title='Object Title', + local_roles='Assignee'))) + self.assertEquals(2, + ctool.countResults(title='Object Title', + local_roles='Assignee')[0][0]) + + # this also work for searchFolder and countFolder + self.assertEquals(2, len(folder.searchFolder(title='Object Title', + local_roles='Assignee'))) + self.assertEquals(2, folder.countFolder(title='Object Title', + local_roles='Assignee')[0][0]) + def test_51_SearchWithKeyWords(self, quiet=quiet, run=run_all_test): if not run: return if not quiet: -- 2.30.9