Add Computer Model security configuration.

master/bt5/vifib_erp5/LocalRolesTemplateItem/computer_model_module.xml

+<local_roles_item>
+ <local_roles>
+  <role id='R-MEMBER'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
+  <role id='zope'>
+   <item>Owner</item>
+  </role>
+ </local_roles>
+</local_roles_item>
\ No newline at end of file

master/bt5/vifib_erp5/PortalTypeBaseCategoryTemplateItem/base_category_list.xml

@@ -2,6 +2,9 @@
  <portal_type id="Computer">
   <item>source_administration</item>
  </portal_type>
+ <portal_type id="Computer Model">
+  <item>source_administration</item>
+ </portal_type>
  <portal_type id="Computer Network">
   <item>source_administration</item>
  </portal_type>

master/bt5/vifib_erp5/PortalTypeRolesTemplateItem/Computer%20Model%20Module.xml

+<type_roles>
+  <role id='Auditor; Author'>
+   <property id='title'>Member</property>
+   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='base_category'>role</multi_property>
+  </role>
+</type_roles>
\ No newline at end of file

master/bt5/vifib_erp5/PortalTypeWorkflowChainTemplateItem/workflow_chain_type.xml

@@ -3,6 +3,10 @@
   <type>Computer</type>
   <workflow>local_permission_vifib_interaction_workflow</workflow>
  </chain>
+ <chain>
+  <type>Computer Model</type>
+  <workflow>local_permission_vifib_interaction_workflow</workflow>
+ </chain>
  <chain>
   <type>Computer Network</type>
   <workflow>local_permission_vifib_interaction_workflow</workflow>

master/bt5/vifib_erp5/TestTemplateItem/testVifibComputerModelSecurity.py

+# Copyright (c) 2012 Nexedi SA and Contributors. All Rights Reserved.
+import unittest
+from Products.Vifib.tests.testVifibSlapWebService import \
+  TestVifibSlapWebServiceMixin
+
+READ = 'Access contents information'
+VIEW = 'View'
+ADD = 'Add portal content'
+WRITE = 'Modify portal content'
+OTHER_AUDITOR = [
+  'Access Transient Objects',
+  'Access session data',
+  'Copy or Move',
+  'List folder contents',
+  'View History'
+  ]
+OTHER_AUTHOR = [
+  'Add portal folders',
+  ]
+
+class TestVifibComputerModelSecurity(TestVifibSlapWebServiceMixin):
+
+  def generateNewId(self):
+    return self.getPortalObject().portal_ids.generateNewId(
+                                     id_group=('slapos_core_test'))
+
+  def getTitle(self):
+    return "Test Vifib Computer Model Security"
+
+  def createMemberUser(self):
+    portal = self.getPortalObject()
+    new_id = self.generateNewId()
+
+    # Clone person document
+    person_user = portal.person_module.template_member.\
+                                 Base_createCloneDocument(batch_mode=1)
+    person_user.edit(
+      title="live_test_%s" % new_id,
+      reference="live_test_%s" % new_id,
+      default_email_text="live_test_%s@example.org" % new_id,
+    )
+    person_user.validate()
+    for assignment in person_user.contentValues(portal_type="Assignment"):
+      assignment.open()
+    return person_user
+
+  def afterSetUp(self):
+    pass
+
+  def beforeTearDown(self):
+    pass
+
+  def _getLocalRoles(self, context):
+    return [x[0] for x in context.get_local_roles()]
+
+  def _permissionsOfRole(self, context, role):
+    return [x['name'] for x in context.permissionsOfRole(role) \
+          if x['selected'] == 'SELECTED']
+
+  def assertPermissionsOfRole(self, context, role, permission_list):
+    self.assertSameSet(
+      permission_list,
+      self._permissionsOfRole(context, role))
+
+  def assertSecurityGroup(self, context, security_group_list, acquired):
+    self.assertEquals(acquired, context._getAcquireLocalRoles())
+    self.assertSameSet(
+      security_group_list,
+      self._getLocalRoles(context)
+    )
+
+  def assertRoles(self, context, security_group, role_list):
+    self.assertSameSet(
+      role_list,
+      context.get_local_roles_for_userid(security_group)
+    )
+
+  def test_ComputerModelModuleLocalRoles(self):
+    module = self.portal.computer_model_module
+    self.assertSecurityGroup(module, ['R-MEMBER', 'zope'], False)
+    self.assertRoles(module, 'R-MEMBER', ['Author', 'Auditor'])
+    self.assertRoles(module, 'zope', ['Owner'])
+
+  def test_ComputerModelModulePermissions(self):
+    module = self.portal.computer_model_module
+    self.assertPermissionsOfRole(module, 'Owner', [])
+    self.assertPermissionsOfRole(module, 'Auditor',
+                                 [READ, VIEW] + OTHER_AUDITOR)
+    self.assertPermissionsOfRole(module, 'Author',
+                                 [READ, ADD] + OTHER_AUDITOR + OTHER_AUTHOR)
+
+  def test_ComputerModelLocalRoles(self):
+    module = self.portal.computer_model_module
+    Model = module.newContent(portal_type="Computer Model")
+
+    self.assertSecurityGroup(Model, ['ERP5TypeTestCase', 'G-COMPANY'], False)
+    self.assertRoles(Model, 'ERP5TypeTestCase', ['Owner'])
+    self.assertRoles(Model, 'G-COMPANY', ['Assignor'])
+
+    # Setting source administration give person the assignee role
+    person = self.createMemberUser()
+    Model.edit(source_administration_value=person)
+    self.assertSecurityGroup(Model,
+        ['ERP5TypeTestCase', 'G-COMPANY', person.getReference()], False)
+    self.assertRoles(Model, person.getReference(), ['Assignee'])
+
+  def test_ComputerModelPermission(self):
+    module = self.portal.computer_model_module
+    Model = module.newContent(portal_type="Computer Model")
+
+    # Check draft state
+    self.assertEquals('draft', Model.getValidationState())
+    self.assertPermissionsOfRole(Model, 'Owner',
+                                 [READ, VIEW, ADD, WRITE])
+    self.assertPermissionsOfRole(Model, 'Assignor',
+                                 [READ, VIEW, ADD, WRITE])
+    self.assertPermissionsOfRole(Model, 'Assignee',
+                                 [READ, VIEW, ADD, WRITE])
+
+    # Check validated state
+    Model.validate()
+    self.assertEquals('validated', Model.getValidationState())
+    self.assertPermissionsOfRole(Model, 'Owner', [])
+    self.assertPermissionsOfRole(Model, 'Assignor',
+                                 [READ, VIEW, ADD, WRITE])
+    self.assertPermissionsOfRole(Model, 'Assignee',
+                                 [READ, VIEW, ADD, WRITE])
+
+def test_suite():
+  suite = unittest.TestSuite()
+  suite.addTest(unittest.makeSuite(TestVifibComputerModelSecurity))
+  return suite

master/bt5/vifib_erp5/WorkflowTemplateItem/portal_workflow/local_permission_vifib_interaction_workflow/interactions/Base_setSourceAdministration.xml

@@ -69,6 +69,7 @@
             <value>
               <list>
                 <string>Computer</string>
+                <string>Computer Model</string>
                 <string>Computer Network</string>
                 <string>Internal Packing List</string>
                 <string>Purchase Packing List</string>

master/bt5/vifib_erp5/bt/revision

-460
+461
\ No newline at end of file

master/bt5/vifib_erp5/bt/template_local_role_list

@@ -16,6 +16,7 @@ business_process_module/vifib_purchase_business_process
 business_process_module/vifib_sale_business_process
 campaign_module
 component_module
+computer_model_module
 computer_module
 computer_network_module
 credential_update_module

master/bt5/vifib_erp5/bt/template_local_roles_list

@@ -4,7 +4,6 @@ account_module/capital
 account_module/coll_vat
 account_module/equipments
 account_module/inventories
-computer_network_module
 account_module/payable
 account_module/profit_loss
 account_module/purchase
@@ -17,7 +16,9 @@ business_process_module/vifib_purchase_business_process
 business_process_module/vifib_sale_business_process
 campaign_module
 component_module
+computer_model_module
 computer_module
+computer_network_module
 credential_update_module
 currency_module
 currency_module/EUR

master/bt5/vifib_erp5/bt/template_portal_type_base_category_list

+Computer Model | source_administration
 Computer Network | source_administration
 Computer | source_administration
\ No newline at end of file

master/bt5/vifib_erp5/bt/template_portal_type_role_list

@@ -15,6 +15,8 @@ Cash Register
 Component
 Component Module
 Computer
+Computer Model Module
+Computer Module
 Computer Module
 Computer Network
 Computer Network Module

master/bt5/vifib_erp5/bt/template_portal_type_roles_list

 Account
 Account Module
-Computer Network
-Computer Network Module
 Accounting Period
 Accounting Transaction
 Accounting Transaction Module
@@ -18,6 +16,10 @@ Component
 Component Module
 Computer
 Computer Module
+Computer Module
+Computer Model Module
+Computer Network
+Computer Network Module
 Computer Partition
 Contribution Tool
 Credential Update Module

master/bt5/vifib_erp5/bt/template_portal_type_workflow_chain_list

+Computer Model | local_permission_vifib_interaction_workflow
 Computer Network | local_permission_vifib_interaction_workflow
 Computer | local_permission_vifib_interaction_workflow
 Hosting Subscription | local_permission_vifib_interaction_workflow

master/bt5/vifib_erp5/bt/template_test_id_list

@@ -5,5 +5,6 @@ testVifibUserAdmin
 testVifibUserCustomer
 testVifibUserDeveloper
 testVifibComputerNetworkSecurity
+testVifibComputerModelSecurity
 testVifibConstraint
 testVifibPayZen
\ No newline at end of file