Commit 1874e049 authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Update Security on Cloud Contract to allow Person view it

parent 5cb2bb6a
...@@ -4,11 +4,23 @@ ...@@ -4,11 +4,23 @@
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-MEMBER'>
<item>Auditor</item>
</role>
<role id='R-SHADOW-PERSON'>
<item>Auditor</item>
</role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal> <principal id='G-COMPANY'>Author</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
...@@ -5,4 +5,16 @@ ...@@ -5,4 +5,16 @@
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
<role id='Auditor'>
<property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'>
<property id='title'>Customer</property>
<property id='description'>Monovalued role</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='categories'>local_role_group/group</multi_property>
......
...@@ -2316,20 +2316,35 @@ class TestCloudContractModule(TestSlapOSGroupRoleSecurityMixin): ...@@ -2316,20 +2316,35 @@ class TestCloudContractModule(TestSlapOSGroupRoleSecurityMixin):
module = self.portal.cloud_contract_module module = self.portal.cloud_contract_module
self.changeOwnership(module) self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
[self.user_id, 'G-COMPANY'], False) [self.user_id, 'G-COMPANY', 'R-MEMBER', 'R-SHADOW-PERSON'], False)
self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor']) self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, self.user_id, ['Owner'])
class TestCloudContract(TestSlapOSGroupRoleSecurityMixin): class TestCloudContract(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self): def test_GroupCompany(self):
text = self.portal.cloud_contract_module.newContent( contract = self.portal.cloud_contract_module.newContent(
portal_type='Cloud Contract') portal_type='Cloud Contract')
self.assertSecurityGroup(text, self.assertSecurityGroup(contract,
['G-COMPANY', self.user_id], ['G-COMPANY', self.user_id],
False) False)
self.assertRoles(text, 'G-COMPANY', ['Assignor']) self.assertRoles(contract, 'G-COMPANY', ['Assignor'])
self.assertRoles(text, self.user_id, ['Owner']) self.assertRoles(contract, self.user_id, ['Owner'])
def test_Customer(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
contract = self.portal.cloud_contract_module.newContent(
portal_type='Cloud Contract',
destination_section_value=person,
)
contract.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(contract,
['G-COMPANY', person.getUserId(), self.user_id], False)
self.assertRoles(contract, 'G-COMPANY', ['Assignor'])
self.assertRoles(contract, person.getUserId(), ['Auditor'])
self.assertRoles(contract, self.user_id, ['Owner'])
class TestUpgradeDecisionModule(TestSlapOSGroupRoleSecurityMixin): class TestUpgradeDecisionModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test(self):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment