Skip to content

S
slapos.core
Commit 363b6523 authored by Romain Courteaud's avatar Romain Courteaud
Browse files
Options

slapos_erp5: 

* WIP local roles test
* fixup Payment Transaction local role test
* add SecurePaymentTool local role test
* check that Role Definition contains a local_role_group
parent 1c4f6e07
Hide whitespace changes
Inline Side-by-side
Showing with 781 additions and 1089 deletions
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Subscription%20Request.xml
View file @ 363b6523
...@@ -22,6 +22,7 @@ ...@@ -22,6 +22,7 @@
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property> <multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property> <multi_property id='base_category'>source_project</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Source Project Production Manager</property> <property id='title'>Source Project Production Manager</property>
...@@ -30,5 +31,6 @@ ...@@ -30,5 +31,6 @@
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property> <multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property> <multi_property id='base_category'>source_project</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
master/bt5/slapos_erp5/PortalTypeWorkflowChainTemplateItem/workflow_chain_type.xml
View file @ 363b6523
<workflow_chain> <workflow_chain>
<chain>
<type>Accounting Transaction</type>
<workflow>local_permission_slapos_interaction_workflow</workflow>
</chain>
<chain> <chain>
<type>Acknowledgement</type> <type>Acknowledgement</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
...@@ -7,6 +11,10 @@ ...@@ -7,6 +11,10 @@
<type>Allocation Supply</type> <type>Allocation Supply</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
</chain> </chain>
<chain>
<type>Balance Transaction</type>
<workflow>local_permission_slapos_interaction_workflow</workflow>
</chain>
<chain> <chain>
<type>Cloud Contract</type> <type>Cloud Contract</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
...@@ -95,6 +103,10 @@ ...@@ -95,6 +103,10 @@
<type>Project</type> <type>Project</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
</chain> </chain>
<chain>
<type>Purchase Invoice Transaction</type>
<workflow>local_permission_slapos_interaction_workflow</workflow>
</chain>
<chain> <chain>
<type>Purchase Packing List</type> <type>Purchase Packing List</type>
<workflow>-immobilisation_movement_interaction_workflow</workflow> <workflow>-immobilisation_movement_interaction_workflow</workflow>
...@@ -107,6 +119,10 @@ ...@@ -107,6 +119,10 @@
<type>Purchase Packing List Line</type> <type>Purchase Packing List Line</type>
<workflow>-immobilisation_movement_interaction_workflow</workflow> <workflow>-immobilisation_movement_interaction_workflow</workflow>
</chain> </chain>
<chain>
<type>Regularisation Request</type>
<workflow>local_permission_slapos_interaction_workflow</workflow>
</chain>
<chain> <chain>
<type>Remote Node</type> <type>Remote Node</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
...@@ -155,6 +171,10 @@ ...@@ -155,6 +171,10 @@
<type>Support Request</type> <type>Support Request</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
</chain> </chain>
<chain>
<type>Upgrade Decision</type>
<workflow>local_permission_slapos_interaction_workflow</workflow>
</chain>
<chain> <chain>
<type>Web Message</type> <type>Web Message</type>
<workflow>local_permission_slapos_interaction_workflow</workflow> <workflow>local_permission_slapos_interaction_workflow</workflow>
......
master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py
View file @ 363b6523
...@@ -24,6 +24,7 @@ from erp5.component.test.SlapOSTestCaseMixin import SlapOSTestCaseMixinWithAbort ...@@ -24,6 +24,7 @@ from erp5.component.test.SlapOSTestCaseMixin import SlapOSTestCaseMixinWithAbort
from AccessControl import getSecurityManager from AccessControl import getSecurityManager
class TestSlapOSGroupRoleSecurityCoverage(SlapOSTestCaseMixinWithAbort): class TestSlapOSGroupRoleSecurityCoverage(SlapOSTestCaseMixinWithAbort):
maxDiff = None
def testCoverage(self): def testCoverage(self):
""" Test which Portal types are not covered by this test. """ Test which Portal types are not covered by this test.
...@@ -35,12 +36,26 @@ class TestSlapOSGroupRoleSecurityCoverage(SlapOSTestCaseMixinWithAbort): ...@@ -35,12 +36,26 @@ class TestSlapOSGroupRoleSecurityCoverage(SlapOSTestCaseMixinWithAbort):
test_list = [] test_list = []
for pt in self.portal.portal_types.objectValues(): for pt in self.portal.portal_types.objectValues():
if len(pt.contentValues(portal_type="Role Information")) > 0: if 0 < len(pt.contentValues(portal_type="Role Information")):
test_klass = "class Test%s" % "".join(pt.getId().split(" ")) test_klass = "class Test%s(" % "".join(pt.getId().split(" "))
if test_klass not in test_source_code: if test_klass not in test_source_code:
test_list.append(test_klass) test_list.append(pt.getId())
test_list.sort()
self.assertEqual(test_list, []) self.assertEqual(test_list, [])
def testLocalRoleGroup(self):
"""
Check that all role definitions use a local role group
XXX how to check the consistency
"""
test_list = []
for pt in self.portal.portal_types.objectValues():
for role_information in pt.contentValues(portal_type="Role Information"):
group = role_information.getLocalRoleGroupValue()
if group is None:
test_list.append('%s - %s' % (pt.getId(), role_information.getTitle()))
test_list.sort()
self.assertEqual(test_list, [])
class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort): class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort):
...@@ -48,13 +63,6 @@ class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort): ...@@ -48,13 +63,6 @@ class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort):
SlapOSTestCaseMixinWithAbort.afterSetUp(self) SlapOSTestCaseMixinWithAbort.afterSetUp(self)
self.user_id = getSecurityManager().getUser().getId() self.user_id = getSecurityManager().getUser().getId()
def changeOwnership(self, document):
""" Change the ownership of the document to the right and
expected user. Normally the user which setups the site.
"""
document.changeOwnership(getSecurityManager().getUser(), False)
document.updateLocalRolesOnSecurityGroups()
def _getLocalRoles(self, context): def _getLocalRoles(self, context):
return [x[0] for x in context.get_local_roles()] return [x[0] for x in context.get_local_roles()]
...@@ -90,33 +98,327 @@ class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort): ...@@ -90,33 +98,327 @@ class TestSlapOSGroupRoleSecurityMixin(SlapOSTestCaseMixinWithAbort):
) )
class TestAccountModule(TestSlapOSGroupRoleSecurityMixin):
def test_AccountModule(self):
module = self.portal.account_module
self.assertSecurityGroup(module,
['F-ACCOUNTING*', module.Base_getOwnerId(), 'R-SHADOW-PERSON'], False)
self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestAccount(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingFunction(self):
product = self.portal.account_module.newContent(
portal_type='Account')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAccountingPeriod(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingFunction(self):
product = self.portal.organisation_module.newContent(
portal_type='Organisation').newContent(
portal_type='Accounting Period')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAccountingTransactionModule(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingTransactionModule(self):
module = self.portal.accounting_module
self.assertSecurityGroup(module,
['F-ACCOUNTING*', 'F-PRODUCTION*', module.Base_getOwnerId(),
'R-SHADOW-PERSON', 'F-CUSTOMER'], True)
self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Assignor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
def test_PaymentTransaction_AccountingFunction_LedgerNotAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_PaymentTransaction_AccountingFunction_LedgerAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
product.edit(ledger='automated')
self.assertSecurityGroup(product,
['F-ACCOUNTING*', 'R-SHADOW-PERSON', self.user_id], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_PaymentTransaction_UserWithoutLedger(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
product.edit(
destination_section_value=person,
)
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_PaymentTransaction_UserLedger(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
product.edit(
destination_section_value=person,
ledger='automated'
)
shadow_user_id = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id, person.getUserId(),
shadow_user_id], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, shadow_user_id, ['Auditor'])
self.assertRoles(product, person.getUserId(), ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
def test_SaleInvoiceTransaction_AccountingFunction_LedgerNotAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Sale Invoice Transaction')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_SaleInvoiceTransaction_AccountingFunction_LedgerAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Sale Invoice Transaction')
product.edit(ledger='automated')
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_SaleInvoiceTransaction_User(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
product = self.portal.accounting_module.newContent(
portal_type='Sale Invoice Transaction')
product.edit(
ledger='automated',
destination_section_value=person,
)
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id, person.getUserId(),
'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, person.getUserId(), ['Auditor'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAccountingTransaction(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingTransaction_LedgerNotAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Accounting Transaction')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_AccountingTransaction_LedgerAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Accounting Transaction')
product.edit(ledger='automated')
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestBalanceTransaction(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingFunction_LedgerNotAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Balance Transaction')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_AccountingFunction_LedgerAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Balance Transaction')
product.edit(ledger='automated')
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestPurchaseInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingFunction_LedgerNotAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Purchase Invoice Transaction')
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_AccountingFunction_LedgerAutomated(self):
product = self.portal.accounting_module.newContent(
portal_type='Purchase Invoice Transaction')
product.edit(ledger='automated')
self.assertSecurityGroup(product,
['F-ACCOUNTING*', self.user_id], False)
self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAllocationSupplyModule(TestSlapOSGroupRoleSecurityMixin):
def test_AllocationSupplyModule(self):
module = self.portal.allocation_supply_module
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], False)
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestAllocationSupply(TestSlapOSGroupRoleSecurityMixin):
def test_AllocationSupply_default(self):
supply = self.portal.allocation_supply_module.newContent(
portal_type='Allocation Supply')
self.assertSecurityGroup(supply,
[self.user_id], False)
self.assertRoles(supply, self.user_id, ['Owner'])
def test_AllocationSupply_DestinationCustomer(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
supply = self.portal.allocation_supply_module.newContent(
portal_type='Allocation Supply')
supply.edit(
destination_value=person,
)
self.assertSecurityGroup(supply,
[self.user_id], False)
self.assertRoles(supply, self.user_id, ['Owner'])
supply.validate()
self.assertSecurityGroup(supply,
[person.getUserId(), self.user_id], False)
self.assertRoles(supply, person.getUserId(), ['Auditor'])
self.assertRoles(supply, self.user_id, ['Owner'])
supply.invalidate()
self.assertSecurityGroup(supply,
[self.user_id], False)
self.assertRoles(supply, self.user_id, ['Owner'])
def test_AllocationSupply_DestinationProject(self):
project = self.addProject()
supply = self.portal.allocation_supply_module.newContent(
portal_type='Allocation Supply')
supply.edit(
destination_project_value=project,
)
self.assertSecurityGroup(supply, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(supply, self.user_id, ['Owner'])
self.assertRoles(supply, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(supply, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
supply.validate()
self.assertSecurityGroup(supply, [self.user_id,
'%s_F-CUSTOMER' % project.getReference(),
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(supply, self.user_id, ['Owner'])
self.assertRoles(supply, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
self.assertRoles(supply, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(supply, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
supply.invalidate()
self.assertSecurityGroup(supply, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(supply, self.user_id, ['Owner'])
self.assertRoles(supply, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(supply, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
class TestAssignment(TestSlapOSGroupRoleSecurityMixin): class TestAssignment(TestSlapOSGroupRoleSecurityMixin):
def test_Company_Group(self): def test_Assignment_Company_Group(self):
assignment = self.portal.person_module.newContent( assignment = self.portal.person_module.newContent(
portal_type='Person').newContent(portal_type='Assignment') portal_type='Person').newContent(portal_type='Assignment')
assignment.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(assignment, self.assertSecurityGroup(assignment,
['F-IS*', self.user_id], False) ['F-IS*', self.user_id], False)
self.assertRoles(assignment, 'F-IS*', ['Auditor']) self.assertRoles(assignment, 'F-IS*', ['Auditor'])
self.assertRoles(assignment, self.user_id, ['Owner']) self.assertRoles(assignment, self.user_id, ['Owner'])
class TestComputeNodeModule(TestSlapOSGroupRoleSecurityMixin):
def test_ComputeNodeModule(self):
module = self.portal.compute_node_module
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'R-COMPUTER', 'F-CUSTOMER', 'R-INSTANCE', module.Base_getOwnerId()],
False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
self.assertRoles(module, 'R-INSTANCE', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestComputeNode(TestSlapOSGroupRoleSecurityMixin): class TestComputeNode(TestSlapOSGroupRoleSecurityMixin):
def test_default(self): def test_ComputeNode_userId(self):
compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node') compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node')
compute_node.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(compute_node, self.assertSecurityGroup(compute_node,
[self.user_id, compute_node.getUserId()], False) [self.user_id, compute_node.getUserId()], False)
self.assertRoles(compute_node, self.user_id, ['Owner']) self.assertRoles(compute_node, self.user_id, ['Owner'])
self.assertRoles(compute_node, compute_node.getUserId(), ['Assignor']) self.assertRoles(compute_node, compute_node.getUserId(), ['Assignor'])
def test_ProjectMember(self): compute_node.edit(user_id=None)
self.assertSecurityGroup(compute_node,
[self.user_id], False)
self.assertRoles(compute_node, self.user_id, ['Owner'])
def test_ComputeNode_ProjectMember(self):
project = self.addProject() project = self.addProject()
compute_node = self.portal.compute_node_module.newContent( compute_node = self.portal.compute_node_module.newContent(
portal_type='Compute Node', portal_type='Compute Node')
compute_node.edit(
follow_up_value=project) follow_up_value=project)
compute_node.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(compute_node, [ self.assertSecurityGroup(compute_node, [
self.user_id, self.user_id,
compute_node.getUserId(), compute_node.getUserId(),
...@@ -133,24 +435,35 @@ class TestComputeNode(TestSlapOSGroupRoleSecurityMixin): ...@@ -133,24 +435,35 @@ class TestComputeNode(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(compute_node, '%s_R-INSTANCE' % project.getReference(), ['Auditor']) self.assertRoles(compute_node, '%s_R-INSTANCE' % project.getReference(), ['Auditor'])
class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin):
def test_ComputerModelModule(self):
module = self.portal.computer_model_module
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestComputerModel(TestSlapOSGroupRoleSecurityMixin): class TestComputerModel(TestSlapOSGroupRoleSecurityMixin):
document_portal_type = 'Computer Model' document_portal_type = 'Computer Model'
def test_default(self): def test_ComputerModel_default(self):
model = self.portal.getDefaultModuleValue(self.document_portal_type).newContent( model = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
portal_type=self.document_portal_type) portal_type=self.document_portal_type)
model.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(model, self.assertSecurityGroup(model,
['R-SHADOW-PERSON', self.user_id], False) ['R-SHADOW-PERSON', self.user_id], False)
self.assertRoles(model, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(model, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(model, self.user_id, ['Owner']) self.assertRoles(model, self.user_id, ['Owner'])
def test_ProjectMember(self): def test_ComputerModel_ProjectMember(self):
project = self.addProject() project = self.addProject()
compute_node = self.portal.getDefaultModuleValue(self.document_portal_type).newContent( compute_node = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
portal_type=self.document_portal_type, portal_type=self.document_portal_type)
compute_node.edit(
follow_up_value=project) follow_up_value=project)
compute_node.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(compute_node, [ self.assertSecurityGroup(compute_node, [
self.user_id, self.user_id,
'R-SHADOW-PERSON', 'R-SHADOW-PERSON',
...@@ -164,31 +477,17 @@ class TestComputerModel(TestSlapOSGroupRoleSecurityMixin): ...@@ -164,31 +477,17 @@ class TestComputerModel(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor']) self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor']) self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.computer_model_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', self.user_id],
False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestComputeNodeModule(TestSlapOSGroupRoleSecurityMixin): class TestComputerNetworkModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test_ComputerNetworkModule(self):
module = self.portal.compute_node_module module = self.portal.computer_network_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-PRODUCTION*', 'R-COMPUTER', 'F-CUSTOMER', 'R-INSTANCE', self.user_id], ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
False) False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-COMPUTER', ['Auditor']) self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, 'R-INSTANCE', ['Auditor']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestComputerNetwork(TestComputerModel): class TestComputerNetwork(TestComputerModel):
...@@ -1105,24 +1404,24 @@ class TestAccount(TestSlapOSGroupRoleSecurityMixin): ...@@ -1105,24 +1404,24 @@ class TestAccount(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
class TestCurrencyModule(TestSlapOSGroupRoleSecurityMixin): class TestCurrencyModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test_CurrencyModule(self):
module = self.portal.currency_module module = self.portal.currency_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-ACCOUNTING*', 'F-PRODUCTION*', self.user_id, ['F-ACCOUNTING*', 'F-PRODUCTION*', module.Base_getOwnerId(),
'R-SHADOW-PERSON', 'F-CUSTOMER'], True) 'R-SHADOW-PERSON', 'F-CUSTOMER'], True)
self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author']) self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestCurrency(TestSlapOSGroupRoleSecurityMixin): class TestCurrency(TestSlapOSGroupRoleSecurityMixin):
def test_default(self): def test_Currency(self):
product = self.portal.currency_module.newContent( product = self.portal.currency_module.newContent(
portal_type='Currency') portal_type='Currency')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['F-ACCOUNTING*', 'F-PRODUCTION*', self.user_id, ['F-ACCOUNTING*', 'F-PRODUCTION*', self.user_id,
'R-SHADOW-PERSON', 'F-CUSTOMER'], False) 'R-SHADOW-PERSON', 'F-CUSTOMER'], False)
...@@ -1132,165 +1431,22 @@ class TestCurrency(TestSlapOSGroupRoleSecurityMixin): ...@@ -1132,165 +1431,22 @@ class TestCurrency(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(product, 'F-CUSTOMER', ['Auditor']) self.assertRoles(product, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
class TestSaleTradeConditionModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.sale_trade_condition_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id, 'R-MEMBER', 'R-SHADOW-PERSON'], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, 'R-MEMBER', ['Auditor'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Assignor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestSaleTradeCondition(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.sale_trade_condition_module.newContent(
portal_type='Sale Trade Condition')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAccountingPeriod(TestSlapOSGroupRoleSecurityMixin):
def test_AccountingFunction(self):
product = self.portal.organisation_module.newContent(
portal_type='Organisation').newContent(
portal_type='Accounting Period')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestBankAccount(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.organisation_module.newContent(
portal_type='Organisation').newContent(
portal_type='Bank Account')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestCampaignModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.campaign_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], True)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestCampaign(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.campaign_module.newContent(
portal_type='Campaign')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestIncidentResponseModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.incident_response_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestIncidentResponse(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
incident_response = self.portal.incident_response_module.newContent(
portal_type='Incident Response')
incident_response.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(incident_response,
['G-COMPANY', self.user_id], False)
self.assertRoles(incident_response, 'G-COMPANY', ['Assignor'])
self.assertRoles(incident_response, self.user_id, ['Owner'])
class TestSubscriptionRequestModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.subscription_request_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestSubscriptionRequest(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
subscription_request = self.portal.subscription_request_module.newContent(
portal_type='Subscription Request')
subscription_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(subscription_request,
['G-COMPANY', self.user_id], False)
self.assertRoles(subscription_request, 'G-COMPANY', ['Assignor'])
self.assertRoles(subscription_request, self.user_id, ['Owner'])
class TestSubscriptionConditionModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.subscription_condition_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestSubscriptionCondition(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
subscription_condition = self.portal.subscription_condition_module.newContent(
portal_type='Subscription Condition')
subscription_condition.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(subscription_condition,
['G-COMPANY', self.user_id], False)
self.assertRoles(subscription_condition, 'G-COMPANY', ['Assignor'])
self.assertRoles(subscription_condition, self.user_id, ['Owner'])
class TestCashRegister(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.organisation_module.newContent(
portal_type='Organisation').newContent(
portal_type='Cash Register')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestDocumentIngestionModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.document_ingestion_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], True)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestEventModule(TestSlapOSGroupRoleSecurityMixin): class TestEventModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test(self):
module = self.portal.event_module module = self.portal.event_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', self.user_id], True) ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestMailMessage(TestSlapOSGroupRoleSecurityMixin): class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
event_portal_type = 'Mail Message' event_portal_type = 'Mail Message'
def test_default(self): def test_default(self):
product = self.portal.event_module.newContent( product = self.portal.event_module.newContent(
portal_type=self.event_portal_type) portal_type=self.event_portal_type)
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
[self.user_id], False) [self.user_id], False)
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
...@@ -1300,10 +1456,10 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin): ...@@ -1300,10 +1456,10 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
product = self.portal.event_module.newContent( product = self.portal.event_module.newContent(
portal_type=self.event_portal_type, portal_type=self.event_portal_type)
product.edit(
source_value=person, source_value=person,
) )
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
[person.getUserId(), self.user_id], False) [person.getUserId(), self.user_id], False)
self.assertRoles(product, person.getUserId(), ['Auditor']) self.assertRoles(product, person.getUserId(), ['Auditor'])
...@@ -1314,10 +1470,10 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin): ...@@ -1314,10 +1470,10 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
product = self.portal.event_module.newContent( product = self.portal.event_module.newContent(
portal_type=self.event_portal_type, portal_type=self.event_portal_type)
product.edit(
destination_value=person, destination_value=person,
) )
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
[person.getUserId(), self.user_id], False) [person.getUserId(), self.user_id], False)
self.assertRoles(product, person.getUserId(), ['Auditor']) self.assertRoles(product, person.getUserId(), ['Auditor'])
...@@ -1326,12 +1482,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin): ...@@ -1326,12 +1482,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
def test_SourceProject(self): def test_SourceProject(self):
project = self.addProject() project = self.addProject()
event = self.portal.event_module.newContent( event = self.portal.event_module.newContent(
portal_type=self.event_portal_type, portal_type=self.event_portal_type)
event.edit(
source_project_value=project source_project_value=project
) )
event.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(event, [self.user_id, self.assertSecurityGroup(event, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
...@@ -1342,12 +1497,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin): ...@@ -1342,12 +1497,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
def test_DestinationProject(self): def test_DestinationProject(self):
project = self.addProject() project = self.addProject()
event = self.portal.event_module.newContent( event = self.portal.event_module.newContent(
portal_type=self.event_portal_type, portal_type=self.event_portal_type)
event.edit(
destination_project_value=project destination_project_value=project
) )
event.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(event, [self.user_id, self.assertSecurityGroup(event, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
...@@ -1383,86 +1537,344 @@ class TestLetter(TestMailMessage): ...@@ -1383,86 +1537,344 @@ class TestLetter(TestMailMessage):
class TestAcknowledgement(TestMailMessage): class TestAcknowledgement(TestMailMessage):
event_portal_type = 'Acknowledgement' event_portal_type = 'Acknowledgement'
class TestNotificationMessageModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): class TestInstanceTreeModule(TestSlapOSGroupRoleSecurityMixin):
module = self.portal.notification_message_module def test_InstanceTreeModule(self):
self.changeOwnership(module) module = self.portal.instance_tree_module
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], False) ['F-PRODUCTION*', 'R-COMPUTER', 'F-CUSTOMER', 'R-INSTANCE', module.Base_getOwnerId()], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
self.assertRoles(module, 'R-INSTANCE', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestNotificationMessage(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.notification_message_module.newContent(
portal_type='Notification Message')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestProductModule(TestSlapOSGroupRoleSecurityMixin): class TestInstanceTree(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test_InstanceTree_RelatedSoftwareInstanceGroup(self):
module = self.portal.product_module reference = 'TESTHS-%s' % self.generateNewId()
self.changeOwnership(module) subscription = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree')
subscription.edit(reference=reference)
self.assertSecurityGroup(subscription, [self.user_id, reference], False)
self.assertRoles(subscription, reference, ['Assignee'])
self.assertRoles(subscription, self.user_id, ['Owner'])
def test_InstanceTree_CustomOfTheInstanceTree(self):
customer_reference = 'TESTPERSON-%s' % self.generateNewId()
customer = self.portal.person_module.newContent(
portal_type='Person', reference=customer_reference)
reference = 'TESTHS-%s' % self.generateNewId()
subscription = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference=reference)
subscription.edit(
destination_section_value=customer)
self.assertSecurityGroup(subscription, [self.user_id, reference,
customer.getUserId()], False)
self.assertRoles(subscription, reference, ['Assignee'])
self.assertRoles(subscription, customer.getUserId(), ['Assignee'])
self.assertRoles(subscription, self.user_id, ['Owner'])
def test_InstanceTree_ProjectMember(self):
project = self.addProject()
reference = 'TESTHS-%s' % self.generateNewId()
project = self.portal.project_module.newContent(
portal_type='Project')
subscription = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference=reference)
subscription.edit(
follow_up_value=project)
self.assertSecurityGroup(subscription, [self.user_id, reference,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(subscription, reference, ['Assignee'])
self.assertRoles(subscription, self.user_id, ['Owner'])
self.assertRoles(subscription, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(subscription, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
class TestSoftwareInstallationModule(TestSlapOSGroupRoleSecurityMixin):
def test_SoftwareInstallationModule(self):
module = self.portal.software_installation_module
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], True) ['F-PRODUCTION*', 'F-CUSTOMER', 'R-COMPUTER', module.Base_getOwnerId()], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author']) self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestProduct(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self): class TestSoftwareInstallation(TestSlapOSGroupRoleSecurityMixin):
product = self.portal.product_module.newContent( def test_SoftwareInstallation_default(self):
portal_type='Product') installation = self.portal.software_installation_module.newContent(
product.updateLocalRolesOnSecurityGroups() portal_type='Software Installation')
self.assertSecurityGroup(installation, [self.user_id], False)
self.assertRoles(installation, self.user_id, ['Owner'])
def test_SoftwareInstallation_ComputeNode(self):
compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
compute_node = self.portal.compute_node_module.template_compute_node\
.Base_createCloneDocument(batch_mode=1)
compute_node.edit(reference=compute_node_reference)
installation = self.portal.software_installation_module.newContent(
portal_type='Software Installation')
installation.edit(
aggregate_value=compute_node)
self.assertSecurityGroup(installation, [self.user_id,
compute_node.getUserId()], False)
self.assertRoles(installation, compute_node.getUserId(), ['Assignor'])
self.assertRoles(installation, self.user_id, ['Owner'])
def test_SoftwareInstallation_ProjectMember(self):
project = self.addProject()
installation = self.portal.software_installation_module.newContent(
portal_type='Software Installation')
installation.edit(
follow_up_value=project)
self.assertSecurityGroup(installation, [
self.user_id,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference(),
'%s_F-CUSTOMER' % project.getReference(),
], False)
self.assertRoles(installation, self.user_id, ['Owner'])
self.assertRoles(installation, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
self.assertRoles(installation, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(installation, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
class TestSoftwareInstanceModule(TestSlapOSGroupRoleSecurityMixin):
def test_SoftwareInstanceModule(self):
module = self.portal.software_instance_module
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'R-COMPUTER', 'R-INSTANCE', 'F-CUSTOMER', module.Base_getOwnerId()], False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
self.assertRoles(module, 'R-INSTANCE', ['Auditor', 'Author'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestSoftwareInstance(TestSlapOSGroupRoleSecurityMixin):
def test_SoftwareInstance_default(self):
instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance')
self.assertSecurityGroup(instance, [self.user_id], False)
self.assertRoles(instance, self.user_id, ['Owner'])
def test_SoftwareInstance_CustomerOfTheInstance(self):
customer_reference = 'TESTPERSON-%s' % self.generateNewId()
customer = self.portal.person_module.newContent(
portal_type='Person', reference=customer_reference)
subscription_reference = 'TESTHS-%s ' % self.generateNewId()
subscription = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree',
reference=subscription_reference,
destination_section=customer.getRelativeUrl())
instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance')
instance.edit(specialise=subscription.getRelativeUrl())
self.assertSecurityGroup(instance, [customer.getUserId(),
subscription_reference, self.user_id], False)
self.assertRoles(instance, customer.getUserId(), ['Assignee'])
self.assertRoles(instance, subscription_reference, ['Assignee'])
self.assertRoles(instance, self.user_id, ['Owner'])
def test_SoftwareInstance_ProjectMember(self):
project = self.addProject()
instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance')
instance.edit(
follow_up_value=project
)
self.assertSecurityGroup(instance, [
self.user_id,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference(),
], False)
self.assertRoles(instance, self.user_id, ['Owner'])
self.assertRoles(instance, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
self.assertRoles(instance, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
def test_SoftwareInstance_ComputeNode(self):
compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
compute_node = self.portal.compute_node_module.template_compute_node\
.Base_createCloneDocument(batch_mode=1)
compute_node.edit(reference=compute_node_reference)
partition = compute_node.newContent(portal_type='Compute Partition')
self.commit()
instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance')
instance.edit(aggregate_value=partition)
self.assertSecurityGroup(instance, [compute_node.getUserId(),
self.user_id], False)
self.assertRoles(instance, compute_node.getUserId(), ['Assignor'])
self.assertRoles(instance, self.user_id, ['Owner'])
class TestSlaveInstance(TestSlapOSGroupRoleSecurityMixin):
def test_SlaveInstance_default(self):
instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance')
self.assertSecurityGroup(instance, [self.user_id], False)
self.assertRoles(instance, self.user_id, ['Owner'])
def test_SlaveInstance_CustomerOfTheInstance(self):
customer_reference = 'TESTPERSON-%s' % self.generateNewId()
customer = self.portal.person_module.newContent(
portal_type='Person', reference=customer_reference)
subscription_reference = 'TESTHS-%s ' % self.generateNewId()
subscription = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree',
reference=subscription_reference,
destination_section=customer.getRelativeUrl())
instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance')
instance.edit(specialise=subscription.getRelativeUrl())
self.assertSecurityGroup(instance, [customer.getUserId(),
subscription_reference, self.user_id], False)
self.assertRoles(instance, customer.getUserId(), ['Assignee'])
self.assertRoles(instance, subscription_reference, ['Assignee'])
self.assertRoles(instance, self.user_id, ['Owner'])
def test_SlaveInstance_ProjectMember(self):
project = self.addProject()
instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance')
instance.edit(
follow_up_value=project
)
self.assertSecurityGroup(instance, [
self.user_id,
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()
], False)
self.assertRoles(instance, self.user_id, ['Owner'])
self.assertRoles(instance, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
self.assertRoles(instance, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
def test_SlaveInstance_SoftwareInstanceWhichProvidesThisSlaveInstance(self):
compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
compute_node = self.portal.compute_node_module.template_compute_node\
.Base_createCloneDocument(batch_mode=1)
compute_node.edit(reference=compute_node_reference)
partition = compute_node.newContent(portal_type='Compute Partition')
provider_reference = 'TESTSI-%s' % self.generateNewId()
provider = self.portal.software_instance_module\
.template_software_instance.Base_createCloneDocument(batch_mode=1)
provider.edit(reference=provider_reference,
aggregate=partition.getRelativeUrl())
provider.validate()
self.tic()
instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance')
instance.edit(aggregate=partition.getRelativeUrl())
self.assertSecurityGroup(instance, [provider.getUserId(),
compute_node.getUserId(), self.user_id], False)
self.assertRoles(instance, provider.getUserId(), ['Assignor'])
self.assertRoles(instance, compute_node.getUserId(), ['Assignor'])
self.assertRoles(instance, self.user_id, ['Owner'])
class TestSoftwareProductModule(TestSlapOSGroupRoleSecurityMixin):
def test_SoftwareProductModule(self):
module = self.portal.software_product_module
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], False)
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestSoftwareProduct(TestSlapOSGroupRoleSecurityMixin):
def test_SoftwareProduct_default(self):
product = self.portal.software_product_module.newContent(
portal_type='Software Product')
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False) [self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, self.user_id, ['Owner'])
def test_SoftwareProduct_Project(self):
project = self.addProject()
product = self.portal.software_product_module.newContent(
portal_type='Software Product')
product.edit(
follow_up_value=project)
self.assertSecurityGroup(product, [self.user_id,
'%s_F-CUSTOMER' % project.getReference(),
'%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
self.assertRoles(product, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(product, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
self.assertRoles(product, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
class TestSupportRequestModule(TestSlapOSGroupRoleSecurityMixin): class TestSupportRequestModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test_SupportRequestModule(self):
module = self.portal.support_request_module module = self.portal.support_request_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', self.user_id], True) ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin): class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
ticket_portal_type = 'Support Request' ticket_portal_type = 'Support Request'
def test_default(self): def test_SupportRequest_default(self):
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type) portal_type=self.ticket_portal_type)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, self.assertSecurityGroup(support_request,
[self.user_id], False) [self.user_id], False)
self.assertRoles(support_request, self.user_id, ['Owner']) self.assertRoles(support_request, self.user_id, ['Owner'])
def test_Customer(self): def test_SupportRequest_Customer(self):
reference = 'TESTPERSON-%s' % self.generateNewId() reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
destination_decision_value=person, destination_decision_value=person,
) )
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, self.assertSecurityGroup(support_request,
[person.getUserId(), self.user_id], False) [person.getUserId(), self.user_id], False)
self.assertRoles(support_request, person.getUserId(), ['Auditor']) self.assertRoles(support_request, person.getUserId(), ['Auditor'])
self.assertRoles(support_request, self.user_id, ['Owner']) self.assertRoles(support_request, self.user_id, ['Owner'])
def test_Template(self): def test_SupportRequest_Template(self):
support_request = self.portal.restrictedTraverse(getattr( support_request = self.portal.restrictedTraverse(getattr(
self.portal.portal_preferences, self.portal.portal_preferences,
'getPreferred%sTemplate' % self.ticket_portal_type.title().replace(' ', '') 'getPreferred%sTemplate' % self.ticket_portal_type.title().replace(' ', '')
)()) )())
assert support_request.getPortalType() == self.ticket_portal_type assert support_request.getPortalType() == self.ticket_portal_type
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, self.assertSecurityGroup(support_request,
[support_request.Base_getOwnerId(), 'R-MEMBER'], False) [support_request.Base_getOwnerId(), 'R-MEMBER'], False)
self.assertRoles(support_request, support_request.Base_getOwnerId(), ['Owner']) self.assertRoles(support_request, support_request.Base_getOwnerId(), ['Owner'])
...@@ -1470,12 +1882,12 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin): ...@@ -1470,12 +1882,12 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
self.assertPermissionsOfRole(support_request, 'Auditor', self.assertPermissionsOfRole(support_request, 'Auditor',
['Access contents information', 'View']) ['Access contents information', 'View'])
def test_SourceProject(self): def test_SupportRequest_SourceProject(self):
project = self.addProject() project = self.addProject()
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
source_project_value=project) source_project_value=project)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, [self.user_id, self.assertSecurityGroup(support_request, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
...@@ -1483,12 +1895,12 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin): ...@@ -1483,12 +1895,12 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor']) self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee']) self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
def test_DestinationProject(self): def test_SupportRequest_DestinationProject(self):
project = self.addProject() project = self.addProject()
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
destination_project_value=project) destination_project_value=project)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, [self.user_id, self.assertSecurityGroup(support_request, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
...@@ -1497,88 +1909,38 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin): ...@@ -1497,88 +1909,38 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee']) self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
class TestWebPageModule(TestSlapOSGroupRoleSecurityMixin): class TestRegularisationRequestModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test(self):
module = self.portal.web_page_module module = self.portal.regularisation_request_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-MARKETING*', self.user_id], True) ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
self.assertRoles(module, 'F-MARKETING*', ['Auditor', 'Author']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestWebPage(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Page')
document.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestWebTable(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Table')
document.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestWebIllustration(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Illustration')
document.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestIntegrationTool(TestSlapOSGroupRoleSecurityMixin): class TestRegularisationRequest(TestSupportRequest):
def test(self): ticket_portal_type = 'Regularisation Request'
module = self.portal.portal_integrations
self.changeOwnership(module)
self.assertSecurityGroup(module,
['R-SHADOW-PERSON', 'ERP5TypeTestCase', 'G-COMPANY'], False)
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, 'ERP5TypeTestCase', ['Owner'])
class TestIntegrationSite(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.portal_integrations
self.changeOwnership(module)
product = module.newContent(
portal_type='Integration Site')
self.assertSecurityGroup(product,
['R-SHADOW-PERSON', self.user_id, 'G-COMPANY'], False)
self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor', 'Author'])
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestSystemEventModule(TestSlapOSGroupRoleSecurityMixin): class TestSystemEventModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test_SystemEventModule(self):
module = self.portal.system_event_module module = self.portal.system_event_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['R-SHADOW-PERSON', self.user_id, 'F-IS*'], False) ['R-SHADOW-PERSON', module.Base_getOwnerId(), 'F-IS*'], False)
self.assertRoles(module, 'R-SHADOW-PERSON', ['Author']) self.assertRoles(module, 'R-SHADOW-PERSON', ['Author'])
self.assertRoles(module, 'F-IS*', ['Auditor']) self.assertRoles(module, 'F-IS*', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin): class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin):
def test_default(self): def test_PayzenEvent_default(self):
event = self.portal.system_event_module.newContent( event = self.portal.system_event_module.newContent(
portal_type='Payzen Event') portal_type='Payzen Event')
event.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(event, self.assertSecurityGroup(event,
['F-IS*', self.user_id], False) ['F-IS*', self.user_id], False)
self.assertRoles(event, 'F-IS*', ['Auditor']) self.assertRoles(event, 'F-IS*', ['Auditor'])
self.assertRoles(event, self.user_id, ['Owner']) self.assertRoles(event, self.user_id, ['Owner'])
def test_ShadowUser(self): def test_PayzenEvent_ShadowUser(self):
reference = 'TESTPERSON-%s' % self.generateNewId() reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
...@@ -1587,7 +1949,6 @@ class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin): ...@@ -1587,7 +1949,6 @@ class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin):
event.edit( event.edit(
destination_section_value=person, destination_section_value=person,
) )
event.updateLocalRolesOnSecurityGroups()
shadow_user_id = 'SHADOW-%s' % person.getUserId() shadow_user_id = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(event, self.assertSecurityGroup(event,
['F-IS*', self.user_id, shadow_user_id], False) ['F-IS*', self.user_id, shadow_user_id], False)
...@@ -1596,16 +1957,15 @@ class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin): ...@@ -1596,16 +1957,15 @@ class TestPayzenEvent(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(event, self.user_id, ['Owner']) self.assertRoles(event, self.user_id, ['Owner'])
class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin): class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin):
def test_default(self): def test_WechatEvent_default(self):
event = self.portal.system_event_module.newContent( event = self.portal.system_event_module.newContent(
portal_type='Wechat Event') portal_type='Wechat Event')
event.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(event, self.assertSecurityGroup(event,
['F-IS*', self.user_id], False) ['F-IS*', self.user_id], False)
self.assertRoles(event, 'F-IS*', ['Auditor']) self.assertRoles(event, 'F-IS*', ['Auditor'])
self.assertRoles(event, self.user_id, ['Owner']) self.assertRoles(event, self.user_id, ['Owner'])
def test_ShadowUser(self): def test_WechatEvent_ShadowUser(self):
reference = 'TESTPERSON-%s' % self.generateNewId() reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
...@@ -1614,7 +1974,6 @@ class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin): ...@@ -1614,7 +1974,6 @@ class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin):
event.edit( event.edit(
destination_section_value=person, destination_section_value=person,
) )
event.updateLocalRolesOnSecurityGroups()
shadow_user_id = 'SHADOW-%s' % person.getUserId() shadow_user_id = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(event, self.assertSecurityGroup(event,
['F-IS*', self.user_id, shadow_user_id], False) ['F-IS*', self.user_id, shadow_user_id], False)
...@@ -1622,250 +1981,46 @@ class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin): ...@@ -1622,250 +1981,46 @@ class TestWechatEvent(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(event, shadow_user_id, ['Assignee']) self.assertRoles(event, shadow_user_id, ['Assignee'])
self.assertRoles(event, self.user_id, ['Owner']) self.assertRoles(event, self.user_id, ['Owner'])
class TestSecurePaymentTool(TestSlapOSGroupRoleSecurityMixin):
def test_no_permissions_for_users(self):
tool = self.portal.portal_secure_payments
self.assertPermissionsOfRole(tool, 'Anonymous', [])
self.assertPermissionsOfRole(tool, 'Assignee', [])
self.assertPermissionsOfRole(tool, 'Assignor', [])
self.assertPermissionsOfRole(tool, 'Associate', [])
self.assertPermissionsOfRole(tool, 'Auditor', [])
self.assertPermissionsOfRole(tool, 'Authenticated', [])
self.assertPermissionsOfRole(tool, 'Author', [])
self.assertPermissionsOfRole(tool, 'Member', [])
self.assertPermissionsOfRole(tool, 'Owner', [])
self.assertPermissionsOfRole(tool, 'Reviewer', [])
self.assertAcquiredPermissions(tool, ['Add ERP5 SQL Methods'])
class TestBusinessProcessModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.business_process_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id, 'R-MEMBER'], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor'])
self.assertRoles(module, 'R-MEMBER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestBusinessProcess(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.business_process_module.newContent(
portal_type='Business Process')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Auditor'])
self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestRegularisationRequestModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.regularisation_request_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', self.user_id], True)
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestRegularisationRequest(TestSupportRequest):
ticket_portal_type = 'Regularisation Request'
class TestInvitationTokenModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.invitation_token_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', self.user_id], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestContractInvitationToken(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.invitation_token_module.newContent(
portal_type='Contract Invitation Token')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestAccessTokenModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.access_token_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['G-COMPANY', 'R-MEMBER', self.user_id], False)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, 'R-MEMBER', ['Author'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestOneTimeRestrictedAccessToken(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.access_token_module.newContent(
portal_type='One Time Restricted Access Token')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestRestrictedAccessToken(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
product = self.portal.access_token_module.newContent(
portal_type='Restricted Access Token')
product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestConsumptionDocumentModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.consumption_document_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
['R-COMPUTER', 'R-MEMBER', self.user_id, 'G-COMPANY'], False)
self.assertRoles(module, 'R-COMPUTER', ['Author'])
self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestComputerConsumptionTioXMLFile(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
text = self.portal.consumption_document_module.newContent(
portal_type='Computer Consumption TioXML File')
self.assertSecurityGroup(text,
['G-COMPANY', self.user_id],
False)
self.assertRoles(text, 'G-COMPANY', ['Assignor'])
self.assertRoles(text, self.user_id, ['Owner'])
class TestUserConsumptionHTMLFile(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
text = self.portal.consumption_document_module.newContent(
portal_type='User Consumption HTML File')
self.assertSecurityGroup(text,
['G-COMPANY', self.user_id],
False)
self.assertRoles(text, 'G-COMPANY', ['Assignor'])
self.assertRoles(text, self.user_id, ['Owner'])
def test_CustomerAssignee(self):
customer_reference = 'TESTPERSON-%s' % self.generateNewId()
customer = self.portal.person_module.newContent(
portal_type='Person', reference=customer_reference)
reference = 'TESTRC-%s' % self.generateNewId()
html_document = self.portal.consumption_document_module.newContent(
portal_type='User Consumption HTML File', reference=reference,
contributor=customer.getRelativeUrl())
html_document.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(html_document,
['G-COMPANY', customer.getUserId(), self.user_id], False)
self.assertRoles(html_document, 'G-COMPANY', ['Assignor'])
self.assertRoles(html_document, customer.getUserId(), ['Assignee'])
self.assertRoles(html_document, self.user_id, ['Owner'])
class TestDocumentModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.document_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
[self.user_id, 'G-COMPANY'], False)
self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestPDF(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
text = self.portal.document_module.newContent(
portal_type='PDF')
self.assertSecurityGroup(text,
['G-COMPANY', self.user_id],
False)
self.assertRoles(text, 'G-COMPANY', ['Assignor'])
self.assertRoles(text, self.user_id, ['Owner'])
class TestCloudContractModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.cloud_contract_module
self.changeOwnership(module)
self.assertSecurityGroup(module,
[self.user_id, 'G-COMPANY', 'R-MEMBER', 'R-SHADOW-PERSON'], False)
self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor'])
self.assertRoles(module, 'R-MEMBER', ['Auditor'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner'])
class TestCloudContract(TestSlapOSGroupRoleSecurityMixin):
def test_GroupCompany(self):
contract = self.portal.cloud_contract_module.newContent(
portal_type='Cloud Contract')
self.assertSecurityGroup(contract,
['G-COMPANY', 'R-SHADOW-PERSON', self.user_id],
False)
self.assertRoles(contract, 'G-COMPANY', ['Assignor'])
self.assertRoles(contract, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(contract, self.user_id, ['Owner'])
def test_Customer(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
contract = person.Person_generateCloudContract(batch=True)
self.assertSecurityGroup(contract,
['G-COMPANY', person.getUserId(), 'R-SHADOW-PERSON', self.user_id], False)
self.assertRoles(contract, 'G-COMPANY', ['Assignor'])
self.assertRoles(contract, person.getUserId(), ['Auditor'])
self.assertRoles(contract, 'R-SHADOW-PERSON', ['Auditor'])
self.assertRoles(contract, self.user_id, ['Owner'])
class TestUpgradeDecisionModule(TestSlapOSGroupRoleSecurityMixin): class TestUpgradeDecisionModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test(self):
module = self.portal.upgrade_decision_module module = self.portal.upgrade_decision_module
self.changeOwnership(module)
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['F-PRODUCTION*', 'F-CUSTOMER', self.user_id], True) ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
self.assertRoles(module, 'F-PRODUCTION*', ['Auditor']) self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
self.assertRoles(module, 'F-CUSTOMER', ['Auditor']) self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestUpgradeDecision(TestSlapOSGroupRoleSecurityMixin): class TestUpgradeDecision(TestSlapOSGroupRoleSecurityMixin):
ticket_portal_type = 'Upgrade Decision' ticket_portal_type = 'Upgrade Decision'
def test_default(self): def test_UpgradeDecision_default(self):
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type) portal_type=self.ticket_portal_type)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, self.assertSecurityGroup(support_request,
[self.user_id], False) [self.user_id], False)
self.assertRoles(support_request, self.user_id, ['Owner']) self.assertRoles(support_request, self.user_id, ['Owner'])
def test_Customer(self): def test_UpgradeDecision_Customer(self):
reference = 'TESTPERSON-%s' % self.generateNewId() reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person', person = self.portal.person_module.newContent(portal_type='Person',
reference=reference) reference=reference)
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
destination_decision_value=person, destination_decision_value=person,
) )
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, self.assertSecurityGroup(support_request,
[person.getUserId(), self.user_id], False) [person.getUserId(), self.user_id], False)
self.assertRoles(support_request, person.getUserId(), ['Assignee']) self.assertRoles(support_request, person.getUserId(), ['Auditor'])
self.assertRoles(support_request, self.user_id, ['Owner']) self.assertRoles(support_request, self.user_id, ['Owner'])
def test_SourceProject(self): def test_UpgradeDecision_SourceProject(self):
project = self.addProject() project = self.addProject()
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
source_project_value=project) source_project_value=project)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, [self.user_id, self.assertSecurityGroup(support_request, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
...@@ -1873,15 +2028,69 @@ class TestUpgradeDecision(TestSlapOSGroupRoleSecurityMixin): ...@@ -1873,15 +2028,69 @@ class TestUpgradeDecision(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor']) self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee']) self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
def test_DestinationProject(self): def test_UpgradeDecision_DestinationProject(self):
project = self.addProject() project = self.addProject()
support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent( support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
portal_type=self.ticket_portal_type, portal_type=self.ticket_portal_type)
support_request.edit(
destination_project_value=project) destination_project_value=project)
support_request.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(support_request, [self.user_id, self.assertSecurityGroup(support_request, [self.user_id,
'%s_F-PRODAGNT' % project.getReference(), '%s_F-PRODAGNT' % project.getReference(),
'%s_F-PRODMAN' % project.getReference()], False) '%s_F-PRODMAN' % project.getReference()], False)
self.assertRoles(support_request, self.user_id, ['Owner']) self.assertRoles(support_request, self.user_id, ['Owner'])
self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor']) self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee']) self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
class TestWebPageModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.web_page_module
self.assertSecurityGroup(module,
['F-MARKETING*', module.Base_getOwnerId()], True)
self.assertRoles(module, 'F-MARKETING*', ['Auditor', 'Author'])
self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
class TestWebPage(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Page')
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestWebTable(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Table')
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestWebIllustration(TestSlapOSGroupRoleSecurityMixin):
def test_MarketingFunction(self):
document = self.portal.web_page_module.newContent(
portal_type='Web Illustration')
self.assertSecurityGroup(document,
['F-MARKETING*', self.user_id], False)
self.assertRoles(document, 'F-MARKETING*', ['Assignor'])
self.assertRoles(document, self.user_id, ['Owner'])
class TestSecurePaymentTool(TestSlapOSGroupRoleSecurityMixin):
def test_SecurePaymentTool_no_permissions_for_users(self):
tool = self.portal.portal_secure_payments
self.assertPermissionsOfRole(tool, 'Anonymous', [])
self.assertPermissionsOfRole(tool, 'Assignee', [])
self.assertPermissionsOfRole(tool, 'Assignor', [])
self.assertPermissionsOfRole(tool, 'Associate', [])
self.assertPermissionsOfRole(tool, 'Auditor', [])
self.assertPermissionsOfRole(tool, 'Authenticated', [])
self.assertPermissionsOfRole(tool, 'Author', [])
self.assertPermissionsOfRole(tool, 'Member', [])
self.assertPermissionsOfRole(tool, 'Owner', [])
self.assertPermissionsOfRole(tool, 'Reviewer', [])
self.assertAcquiredPermissions(tool, ['Add ERP5 SQL Methods'])
master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
View file @ 363b6523
...@@ -34,76 +34,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -34,76 +34,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.person_reference = self.person_user.getReference() self.person_reference = self.person_user.getReference()
self.person_user_id = self.person_user.getUserId() self.person_user_id = self.person_user.getUserId()
def test_ComputerModel_edit(self):
self._makePerson()
model = self.portal.computer_model_module.newContent(
portal_type='Computer Model')
self.assertSecurityGroup(model, ['G-COMPANY', self.user_id], False)
model.edit(source_administration=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(model,
['G-COMPANY', self.user_id, self.person_user_id], False)
def test_ComputerNetwork_edit(self):
self._makePerson()
network = self.portal.computer_network_module.newContent(
portal_type='Computer Network')
self.assertSecurityGroup(network, ['G-COMPANY', self.user_id,
'R-SHADOW-PERSON'], False)
network.edit(source_administration=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(network,
['G-COMPANY', self.user_id, self.person_user_id, 'R-SHADOW-PERSON'],
False)
def test_ComputeNode_setUserId(self):
compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node')
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id, compute_node.getUserId()], False)
compute_node.edit(user_id=None)
self.commit()
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id], False)
def test_ComputeNode_setSourceAdministration(self):
self._makePerson()
compute_node = self.portal.compute_node_module.newContent(
portal_type='Compute Node')
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id, compute_node.getUserId()], False)
compute_node.edit(source_administration=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id,
self.person_user_id, compute_node.getUserId()], False)
def test_ComputeNode_setAllocationScope(self):
compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node')
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id,
compute_node.getUserId()], False)
compute_node.edit(allocation_scope='open/public')
self.commit()
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id,
'R-SHADOW-PERSON', compute_node.getUserId()], False)
def test_ComputeNode_setDestinationSection(self):
self._makePerson()
compute_node = self.portal.compute_node_module.newContent(
portal_type='Compute Node')
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id,
compute_node.getUserId()], False)
compute_node.edit(source_administration=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(compute_node, ['G-COMPANY', self.user_id,
self.person_user_id, compute_node.getUserId()], False)
def test_ComputeNode_reindexObject(self): def test_ComputeNode_reindexObject(self):
compute_node = self.portal.compute_node_module.template_compute_node\ compute_node = self.portal.compute_node_module.template_compute_node\
...@@ -130,35 +60,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -130,35 +60,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.assertEqual(comment, self.assertEqual(comment,
compute_node.workflow_history['edit_workflow'][-1]['comment']) compute_node.workflow_history['edit_workflow'][-1]['comment'])
def test_InstanceTree_setReference(self):
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree')
self.assertSecurityGroup(instance_tree, [self.user_id,
instance_tree.getId(), 'G-COMPANY'],
False)
instance_tree.edit(reference='TESTHS-%s' % self.generateNewId())
self.commit()
self.assertSecurityGroup(instance_tree, [self.user_id,
instance_tree.getReference(), 'G-COMPANY'], False)
def test_InstanceTree_setDestinationSection(self):
self._makePerson()
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree')
self.assertSecurityGroup(instance_tree, [self.user_id,
instance_tree.getId(), 'G-COMPANY'],
False)
instance_tree.edit(
destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(instance_tree, [self.user_id,
instance_tree.getId(), self.person_user.getUserId(),
'G-COMPANY'],
False)
def test_Person_setReference(self): def test_Person_setReference(self):
# Due the change of security the interaction workflow don't trigger # Due the change of security the interaction workflow don't trigger
...@@ -182,177 +83,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -182,177 +83,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY', self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY',
person.getUserId(), 'SHADOW-%s' % person.getUserId()], False) person.getUserId(), 'SHADOW-%s' % person.getUserId()], False)
def test_SoftwareInstallation_setAggregate(self):
installation = self.portal.software_installation_module.newContent(
portal_type='Software Installation')
self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY'], False)
compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node',
reference='TESTC-%s' % self.generateNewId())
installation.edit(aggregate=compute_node.getRelativeUrl())
self.commit()
self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY',
compute_node.getUserId()], False)
def test_SoftwareInstallation_setDestinationSection(self):
installation = self.portal.software_installation_module.newContent(
portal_type='Software Installation')
self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY'], False)
self._makePerson()
installation.edit(destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY',
self.person_user.getUserId()], False)
def test_SoftwareInstance_setSpecialise(self):
software_instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance')
self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY'],
False)
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference='TESTHS-%s' %
self.generateNewId())
software_instance.edit(specialise=instance_tree.getRelativeUrl())
self.commit()
self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY',
instance_tree.getReference()], False)
def test_SoftwareInstance_setAggregate(self):
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference='TESTHS-%s' %
self.generateNewId())
software_instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance',
specialise=instance_tree.getRelativeUrl())
certificate_login = software_instance.newContent(
portal_type='Certificate Login')
self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY',
instance_tree.getReference()],
False)
self.assertSecurityGroup(certificate_login, [self.user_id,
software_instance.getUserId()],
False)
compute_node = self.portal.compute_node_module.template_compute_node\
.Base_createCloneDocument(batch_mode=1)
compute_node.edit(reference='TESTC-%s' % self.generateNewId())
partition = compute_node.newContent(portal_type='Compute Partition')
self.portal.portal_workflow._jumpToStateFor(partition, 'busy')
self.assertSecurityGroup(partition, [self.user_id],
True)
software_instance.edit(aggregate=partition.getRelativeUrl())
self.tic()
self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY',
compute_node.getUserId(), instance_tree.getReference()], False)
self.assertSecurityGroup(partition, [self.user_id,
instance_tree.getReference()], True)
self.assertSecurityGroup(certificate_login, [self.user_id,
compute_node.getUserId(), software_instance.getUserId()],
False)
def test_SlaveInstance_setSpecialise(self):
slave_instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance')
self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY'],
False)
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference='TESTHS-%s' %
self.generateNewId())
slave_instance.edit(specialise=instance_tree.getRelativeUrl())
self.commit()
self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY',
instance_tree.getReference()], False)
def test_SlaveInstance_setAggregate(self):
instance_tree = self.portal.instance_tree_module.newContent(
portal_type='Instance Tree', reference='TESTHS-%s' %
self.generateNewId())
software_instance = self.portal.software_instance_module.newContent(
portal_type='Software Instance',
reference='TESTSO-%s' % self.generateNewId(),
specialise=instance_tree.getRelativeUrl())
software_instance.validate()
slave_instance = self.portal.software_instance_module.newContent(
portal_type='Slave Instance',
specialise=instance_tree.getRelativeUrl())
self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY',
instance_tree.getReference()],
False)
compute_node = self.portal.compute_node_module.template_compute_node\
.Base_createCloneDocument(batch_mode=1)
compute_node.edit(reference='TESTC-%s' % self.generateNewId())
partition = compute_node.newContent(portal_type='Compute Partition')
software_instance.edit(aggregate=partition.getRelativeUrl())
self.portal.portal_workflow._jumpToStateFor(partition, 'busy')
self.tic()
slave_instance.edit(aggregate=partition.getRelativeUrl())
self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY',
software_instance.getUserId(), compute_node.getUserId(),
instance_tree.getReference()], False)
def test_PaymentTransaction_setDestinationSection(self):
self._makePerson()
payment_transaction = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY', 'R-SHADOW-PERSON'],
False)
payment_transaction.edit(
destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getUserId(),
self.person_user.getUserId()],
False)
def test_PayzenEvent_setDestinationSection(self):
self._makePerson()
event = self.portal.system_event_module.newContent(
portal_type='Payzen Event')
self.assertSecurityGroup(event, [self.user_id,
'G-COMPANY'],
False)
event.edit(
destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getUserId()],
False)
def test_WechatEvent_setDestinationSection(self):
self._makePerson()
event = self.portal.system_event_module.newContent(
portal_type='Payzen Event')
self.assertSecurityGroup(event, [self.user_id,
'G-COMPANY'],
False)
event.edit(
destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getUserId()],
False)
def test_IntegrationSite_reindexObject(self): def test_IntegrationSite_reindexObject(self):
integration_site = self.portal.portal_integrations.newContent( integration_site = self.portal.portal_integrations.newContent(
...@@ -379,285 +109,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -379,285 +109,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.assertEqual(comment, self.assertEqual(comment,
integration_site.workflow_history['edit_workflow'][-1]['comment']) integration_site.workflow_history['edit_workflow'][-1]['comment'])
def test_SaleInvoiceTransaction_setDestinationSection(self):
self._makePerson()
sale_invoice_transaction = self.portal.accounting_module.newContent(
portal_type='Sale Invoice Transaction')
self.assertSecurityGroup(sale_invoice_transaction, [self.user_id,
'G-COMPANY', 'R-SHADOW-PERSON'],
False)
sale_invoice_transaction.edit(
destination_section=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(sale_invoice_transaction, [self.user_id,
'G-COMPANY', self.person_user.getUserId(), 'R-SHADOW-PERSON'],
False)
def test_SupportRequest_setDestinationDecision(self):
self._makePerson()
support_request = self.portal.support_request_module.newContent(
portal_type='Support Request')
self.assertSecurityGroup(support_request, ['G-COMPANY', self.user_id], False)
support_request.edit(destination_decision=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(support_request, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_RegularisationRequest_setDestinationDecision(self):
self._makePerson()
regularisation_request = self.portal.regularisation_request_module.newContent(
portal_type='Regularisation Request')
self.assertSecurityGroup(regularisation_request, ['G-COMPANY', self.user_id], False)
regularisation_request.edit(destination_decision=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(regularisation_request, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Acknowledgement_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Acknowledgement')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Acknowledgement_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Acknowledgement')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_FaxMessage_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Fax Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_FaxMessage_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Fax Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Letter_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Letter')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Letter_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Letter')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_MailMessage_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Mail Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_MailMessage_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Mail Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Note_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Note')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Note_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Note')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_PhoneCall_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Phone Call')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_PhoneCall_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Phone Call')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_ShortMessage_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Short Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_ShortMessage_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Short Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_SiteMessage_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Site Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_SiteMessage_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Site Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Visit_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Visit')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_Visit_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Visit')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_WebMessage_setDestination(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Web Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(destination=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_WebMessage_setSource(self):
self._makePerson()
event = self.portal.event_module.newContent(
portal_type='Web Message')
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id], False)
event.edit(source=self.person_user.getRelativeUrl())
self.commit()
self.assertSecurityGroup(event, ['G-COMPANY', self.user_id,
self.person_user_id], False)
def test_SalePackingList_setSpecialise(self): def test_SalePackingList_setSpecialise(self):
self._makePerson() self._makePerson()
...@@ -892,4 +344,4 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -892,4 +344,4 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
project.getReference()], False) project.getReference()], False)
self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY', self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY',
project.getReference()], False) project.getReference()], False)
\ No newline at end of file
master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_ComputeNode_edit.xml
View file @ 363b6523
...@@ -35,6 +35,7 @@ ...@@ -35,6 +35,7 @@
<string>Compute Node</string> <string>Compute Node</string>
<string>Instance Node</string> <string>Instance Node</string>
<string>Remote Node</string> <string>Remote Node</string>
<string>Computer Model</string>
</tuple> </tuple>
</value> </value>
</item> </item>
...@@ -54,10 +55,6 @@ ...@@ -54,10 +55,6 @@
<tuple> <tuple>
<string>_setUserId.*</string> <string>_setUserId.*</string>
<string>_setFollowUp.*</string> <string>_setFollowUp.*</string>
<string>_setAllocationScope.*</string>
<string>_setDestinationSection.*</string>
<string>validate</string>
<string>invalidate</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_PaymentTransaction_edit.xml
View file @ 363b6523
...@@ -51,6 +51,7 @@ ...@@ -51,6 +51,7 @@
<value> <value>
<tuple> <tuple>
<string>_setDestinationSection.*</string> <string>_setDestinationSection.*</string>
<string>_setLedger.*</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SaleInvoiceTransaction_edit.xml
View file @ 363b6523
...@@ -33,6 +33,9 @@ ...@@ -33,6 +33,9 @@
<value> <value>
<tuple> <tuple>
<string>Sale Invoice Transaction</string> <string>Sale Invoice Transaction</string>
<string>Accounting Transaction</string>
<string>Balance Transaction</string>
<string>Purchase Invoice Transaction</string>
</tuple> </tuple>
</value> </value>
</item> </item>
...@@ -51,6 +54,7 @@ ...@@ -51,6 +54,7 @@
<value> <value>
<tuple> <tuple>
<string>_setDestinationSection.*</string> <string>_setDestinationSection.*</string>
<string>_setLedger.*</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SupportRequest_edit.xml
View file @ 363b6523
...@@ -33,6 +33,8 @@ ...@@ -33,6 +33,8 @@
<value> <value>
<tuple> <tuple>
<string>Support Request</string> <string>Support Request</string>
<string>Upgrade Decision</string>
<string>Regularisation Request</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
master/bt5/slapos_erp5/bt/template_portal_type_workflow_chain_list
View file @ 363b6523
Accounting Transaction | local_permission_slapos_interaction_workflow
Acknowledgement | local_permission_slapos_interaction_workflow Acknowledgement | local_permission_slapos_interaction_workflow
Allocation Supply | local_permission_slapos_interaction_workflow Allocation Supply | local_permission_slapos_interaction_workflow
Balance Transaction | local_permission_slapos_interaction_workflow
Cloud Contract | local_permission_slapos_interaction_workflow Cloud Contract | local_permission_slapos_interaction_workflow
Compute Node | local_permission_slapos_interaction_workflow Compute Node | local_permission_slapos_interaction_workflow
Compute Node | slapos_erp5_interaction_workflow Compute Node | slapos_erp5_interaction_workflow
...@@ -26,9 +28,11 @@ Payment Transaction | local_permission_slapos_interaction_workflow ...@@ -26,9 +28,11 @@ Payment Transaction | local_permission_slapos_interaction_workflow
Payzen Event | local_permission_slapos_interaction_workflow Payzen Event | local_permission_slapos_interaction_workflow
Person | local_permission_slapos_interaction_workflow Person | local_permission_slapos_interaction_workflow
Project | local_permission_slapos_interaction_workflow Project | local_permission_slapos_interaction_workflow
Purchase Invoice Transaction | local_permission_slapos_interaction_workflow
Purchase Packing List Cell | -immobilisation_movement_interaction_workflow Purchase Packing List Cell | -immobilisation_movement_interaction_workflow
Purchase Packing List Line | -immobilisation_movement_interaction_workflow Purchase Packing List Line | -immobilisation_movement_interaction_workflow
Purchase Packing List | -immobilisation_movement_interaction_workflow Purchase Packing List | -immobilisation_movement_interaction_workflow
Regularisation Request | local_permission_slapos_interaction_workflow
Remote Node | local_permission_slapos_interaction_workflow Remote Node | local_permission_slapos_interaction_workflow
Restricted Access Token | local_permission_slapos_interaction_workflow Restricted Access Token | local_permission_slapos_interaction_workflow
Sale Invoice Transaction | local_permission_slapos_interaction_workflow Sale Invoice Transaction | local_permission_slapos_interaction_workflow
...@@ -42,5 +46,6 @@ Software Installation | local_permission_slapos_interaction_workflow ...@@ -42,5 +46,6 @@ Software Installation | local_permission_slapos_interaction_workflow
Software Instance | local_permission_slapos_interaction_workflow Software Instance | local_permission_slapos_interaction_workflow
Software Product | local_permission_slapos_interaction_workflow Software Product | local_permission_slapos_interaction_workflow
Support Request | local_permission_slapos_interaction_workflow Support Request | local_permission_slapos_interaction_workflow
Upgrade Decision | local_permission_slapos_interaction_workflow
Web Message | local_permission_slapos_interaction_workflow Web Message | local_permission_slapos_interaction_workflow
Wechat Event | local_permission_slapos_interaction_workflow Wechat Event | local_permission_slapos_interaction_workflow
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7