- test that in scenario where user is not allowed to see original document,...

- test that in scenario where user is not allowed to see original document, he is still able to convert document to different format Add test level Document_checkConversionFormatPermission which disallow access to original document format, and remove it conditionally in beforeTearDown. Add helper method _test_document_conversion_to_base_format_no_original_format_access. It asserts that document is not available in original format and then checks if it is possible to convert this document. Test for PDF, Open Office Document, Text and Image to cover all known cases. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@35957 20353a03-c40f-0410-a6d1-a30d3c3de9de

- test that in scenario where user is not allowed to see original document,...
- test that in scenario where user is not allowed to see original document, he is still able to convert document to different format Add test level Document_checkConversionFormatPermission which disallow access to original document format, and remove it conditionally in beforeTearDown. Add helper method _test_document_conversion_to_base_format_no_original_format_access. It asserts that document is not available in original format and then checks if it is possible to convert this document. Test for PDF, Open Office Document, Text and Image to cover all known cases. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@35957 20353a03-c40f-0410-a6d1-a30d3c3de9de
9860acfa · Łukasz Nowak · 5920200d · 9860acfa
Commit 9860acfa authored Jun 03, 2010 by Łukasz Nowak
Hide whitespace changes
Inline Side-by-side

Showing with 64 additions and 0 deletions

product/ERP5OOo/tests/testDms.py product/ERP5OOo/tests/testDms.py +64 -0

No files found.
--- a/product/ERP5OOo/tests/testDms.py
+++ b/product/ERP5OOo/tests/testDms.py
@@ -64,6 +64,7 @@ from AccessControl import getSecurityManager
 from zLOG import LOG
 from Products.ERP5.Document.Document import NotConvertedError
 from Products.ERP5Form.Document.Preference import Priority
+from Products.ERP5Type.tests.utils import createZODBPythonScript
 import os
 from threading import Thread
 import httplib
@@ -156,6 +157,7 @@ class TestDocumentMixin(ERP5TypeTestCase):
      - clear document module
    """
    transaction.abort()
+    self.clearRestrictedSecurityHelperScript()
    activity_tool = self.portal.portal_activities
    activity_status = set(m.processing_node < -1
                          for m in activity_tool.getMessageList())
@@ -165,6 +167,13 @@ class TestDocumentMixin(ERP5TypeTestCase):
      assert not activity_status
    self.clearDocumentModule()

+  def clearRestrictedSecurityHelperScript(self):
+    script_id = 'Document_checkConversionFormatPermission'
+    custom = self.getPortal().portal_skins.custom
+    if script_id in custom.objectIds():
+      custom.manage_delObjects(ids=[script_id])
+      transaction.commit()
+
  def clearDocumentModule(self):
    """
      Remove everything after each run
@@ -1717,6 +1726,61 @@ style=3D'color:black'>05D65812<o:p></o:p></span></p>
    from AccessControl import Unauthorized
    self.assertRaises(Unauthorized, document.asText)

+  def createRestrictedSecurityHelperScript(self):
+    createZODBPythonScript(self.getPortal().portal_skins.custom,
+    'Document_checkConversionFormatPermission', 'format=None, **kw', """
+if not format:
+  return 0
+return 1
+""")
+    transaction.commit()
+
+  def _test_document_conversion_to_base_format_no_original_format_access(self,
+      portal_type, file_name):
+    module = self.portal.getDefaultModule(portal_type)
+    upload_file = makeFileUpload(file_name)
+    document = module.newContent(portal_type=portal_type,
+                                 file=upload_file)
+
+    transaction.commit()
+    self.tic()
+
+    self.createRestrictedSecurityHelperScript()
+
+    from AccessControl import Unauthorized
+    # check that it is not possible to access document in original format
+    self.assertRaises(Unauthorized, document.convert, format=None)
+    # check that it is possible to convert document to text format
+    dummy = document.convert(format='text')
+
+  def test_WebPage_conversion_to_base_format_no_original_format_access(self):
+    """Checks Document.TextDocument"""
+    self._test_document_conversion_to_base_format_no_original_format_access(
+      'Web Page',
+      'TEST-text-iso8859-1.txt'
+    )
+
+  def test_PDF_conversion_to_base_format_no_original_format_access(self):
+    """Checks Document.PDFDocument"""
+    self._test_document_conversion_to_base_format_no_original_format_access(
+      'PDF',
+      'TEST-en-002.pdf'
+    )
+
+  def test_Text_conversion_to_base_format_no_original_format_access(self):
+    """Checks Document.OOoDocument"""
+    self._test_document_conversion_to_base_format_no_original_format_access(
+      'Text',
+      'TEST-en-002.odt'
+    )
+
+  def test_Image_conversion_to_base_format_no_original_format_access(self):
+    """Checks Document.Image"""
+    self._test_document_conversion_to_base_format_no_original_format_access(
+      'Image',
+      'TEST-en-002.png'
+    )
+
 class TestDocumentWithSecurity(TestDocumentMixin):

  username = 'yusei'