diff --git a/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSGroupRoleSecurity.py b/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSGroupRoleSecurity.py
index f1b8a9034549610ed714d694d1d894c2d509628b..2209d181894bf1a99a3d512b69a1a1ba77273a4e 100644
--- a/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSGroupRoleSecurity.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/testSlapOSGroupRoleSecurity.py
@@ -114,3 +114,120 @@ class TestComputer(TestSlapOSGroupRoleSecurityMixin):
         [self.user_id, 'G-COMPANY', reference], False)
     self.assertRoles(computer, reference, ['Assignor'])
 
+class TestComputerModel(TestSlapOSGroupRoleSecurityMixin):
+  def test_GroupCompany(self):
+    model = self.portal.computer_model_module.newContent(
+        portal_type='Computer Model')
+    model.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(model,
+        ['G-COMPANY', self.user_id], False)
+    self.assertRoles(model, 'G-COMPANY', ['Assignor'])
+
+  def test_ComputerAgent(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    model = self.portal.computer_model_module.newContent(
+        portal_type='Computer Model',
+        source_administration=person.getRelativeUrl())
+    model.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(model,
+        ['G-COMPANY', self.user_id, reference], False)
+    self.assertRoles(model, reference, ['Assignee'])
+
+class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin):
+  def test(self):
+    module = self.portal.computer_model_module
+    self.assertSecurityGroup(module,
+        ['R-MEMBER', 'zope'], False)
+    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
+
+class TestComputerModule(TestSlapOSGroupRoleSecurityMixin):
+  def test(self):
+    module = self.portal.computer_module
+    self.assertSecurityGroup(module,
+        ['R-COMPUTER', 'R-MEMBER', 'R-SHADOW-PERSON', 'zope'], False)
+    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
+    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+
+class TestComputerNetwork(TestSlapOSGroupRoleSecurityMixin):
+  def test_GroupCompany(self):
+    network = self.portal.computer_network_module.newContent(
+        portal_type='Computer Network')
+    network.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(network,
+        ['G-COMPANY', 'R-SHADOW-PERSON', self.user_id], False)
+    self.assertRoles(network, 'G-COMPANY', ['Assignor'])
+    self.assertRoles(network, 'R-SHADOW-PERSON', ['Auditor'])
+
+  test_PersonShadow = test_GroupCompany
+
+  def test_ComputerAgent(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    network = self.portal.computer_network_module.newContent(
+        portal_type='Computer Network',
+        source_administration=person.getRelativeUrl())
+    network.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(network,
+        ['G-COMPANY', 'R-SHADOW-PERSON', self.user_id, reference], False)
+    self.assertRoles(network, reference, ['Assignee'])
+
+class TestComputerNetworkModule(TestSlapOSGroupRoleSecurityMixin):
+  def test(self):
+    module = self.portal.computer_network_module
+    self.assertSecurityGroup(module,
+        ['R-MEMBER', 'R-SHADOW-PERSON', 'zope'], False)
+    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+
+class TestComputerPartition(TestSlapOSGroupRoleSecurityMixin):
+  def test_CustomerOfThePartition(self):
+    partition = self.portal.computer_module.newContent(
+        portal_type='Computer').newContent(portal_type='Computer Partition')
+    self.portal.portal_workflow._jumpToStateFor(partition, 'busy')
+    partition.recursiveImmediateReindexObject()
+
+    instance_customer_reference = 'TESTPERSON-%s' % self.generateNewId()
+    slave_customer_reference = 'TESTPERSON-%s' % self.generateNewId()
+    instance_customer = self.portal.person_module.newContent(
+        portal_type='Person', reference=instance_customer_reference)
+    slave_customer = self.portal.person_module.newContent(
+        portal_type='Person', reference=slave_customer_reference)
+
+    instance_subscription_reference = 'TESTHS-%s' % self.generateNewId()
+    instance_subscription = self.portal.hosting_subscription_module\
+        .template_hosting_subscription.Base_createCloneDocument(batch_mode=1)
+    instance_subscription.edit(
+        destination_section=instance_customer.getRelativeUrl(),
+        reference=instance_subscription_reference)
+    instance = self.portal.software_instance_module.template_software_instance\
+        .Base_createCloneDocument(batch_mode=1)
+    instance.edit(specialise=instance_subscription.getRelativeUrl(),
+        aggregate=partition.getRelativeUrl())
+    instance.validate()
+    instance.recursiveImmediateReindexObject()
+
+    slave_subscription = self.portal.hosting_subscription_module\
+        .template_hosting_subscription.Base_createCloneDocument(batch_mode=1)
+    slave_subscription.edit(
+        destination_section=slave_customer.getRelativeUrl())
+    slave = self.portal.software_instance_module.template_slave_instance\
+        .Base_createCloneDocument(batch_mode=1)
+    slave.validate()
+    slave.edit(specialise=slave_subscription.getRelativeUrl(),
+        aggregate=partition.getRelativeUrl())
+    slave.recursiveImmediateReindexObject()
+
+    partition.updateLocalRolesOnSecurityGroups()
+    self.assertSecurityGroup(partition,
+        [self.user_id, instance_customer_reference, slave_customer_reference,
+          instance_subscription_reference], True)
+    self.assertRoles(partition, instance_customer_reference, ['Auditor'])
+    self.assertRoles(partition, slave_customer_reference, ['Auditor'])
+    self.assertRoles(partition, instance_subscription_reference, ['Auditor'])
+
+  test_SoftwareInstanceGroupRelatedToComputerPartition = \
+      test_CustomerOfThePartition
diff --git a/master/bt5/slapos_erp5/bt/revision b/master/bt5/slapos_erp5/bt/revision
index c24b6ae77df02a87472b208f251fad88382a2e55..72f523f36edb05f0f59e02607fd52a844817ed85 100644
--- a/master/bt5/slapos_erp5/bt/revision
+++ b/master/bt5/slapos_erp5/bt/revision
@@ -1 +1 @@
-38
\ No newline at end of file
+39
\ No newline at end of file