From b5b946a9ffe78c8c1adb6eb94acc511811507d3d Mon Sep 17 00:00:00 2001 From: Romain Courteaud <romain@nexedi.com> Date: Thu, 5 Dec 2024 09:39:08 +0000 Subject: [PATCH] slapos_erp5: customer must be able to create token for slapos client --- .../LocalRolesTemplateItem/access_token_module.xml | 4 ++++ .../PortalTypeRolesTemplateItem/Access%20Token%20Module.xml | 6 ++++++ .../test.erp5.testSlapOSERP5GroupRoleSecurity.py | 3 ++- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/master/bt5/slapos_erp5/LocalRolesTemplateItem/access_token_module.xml b/master/bt5/slapos_erp5/LocalRolesTemplateItem/access_token_module.xml index b5a26cfa1..41912771e 100644 --- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/access_token_module.xml +++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/access_token_module.xml @@ -1,11 +1,15 @@ <local_roles_item> <local_roles> + <role id='F-CUSTOMER'> + <item>Author</item> + </role> <role id='F-PRODUCTION*'> <item>Author</item> </role> </local_roles> <local_role_group_ids> <local_role_group_id id='function'> + <principal id='F-CUSTOMER'>Author</principal> <principal id='F-PRODUCTION*'>Author</principal> </local_role_group_id> </local_role_group_ids> diff --git a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Access%20Token%20Module.xml b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Access%20Token%20Module.xml index 8cfce96f8..ba375be4c 100644 --- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Access%20Token%20Module.xml +++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Access%20Token%20Module.xml @@ -1,4 +1,10 @@ <type_roles> + <role id='Author'> + <property id='title'>Customer</property> + <multi_property id='categories'>local_role_group/function</multi_property> + <multi_property id='category'>function/customer</multi_property> + <multi_property id='base_category'>function</multi_property> + </role> <role id='Author'> <property id='title'>Production</property> <multi_property id='categories'>local_role_group/function</multi_property> diff --git a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py index 2a5cd87b5..c317a5f88 100644 --- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py +++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py @@ -2034,8 +2034,9 @@ class TestAccessTokenModule(TestSlapOSGroupRoleSecurityMixin): def test_AccessTokenModule(self): module = self.portal.access_token_module self.assertSecurityGroup(module, - ['F-PRODUCTION*', module.Base_getOwnerId()], False) + ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], False) self.assertRoles(module, 'F-PRODUCTION*', ['Author']) + self.assertRoles(module, 'F-CUSTOMER', ['Author']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner']) -- 2.30.9