Commit a4e218ee authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Don't set local roles if the Person isn't a real user.

 Check if the user has a login subobject before set local roles on the user.
 Reference is never None.
parent def4fc25
...@@ -7,14 +7,14 @@ ...@@ -7,14 +7,14 @@
<role id='Auditor'> <role id='Auditor'>
<property id='title'>The Shadow User Himself</property> <property id='title'>The Shadow User Himself</property>
<property id='description'>Monovalued role</property> <property id='description'>Monovalued role</property>
<property id='condition'>python: here.getReference('') != ''</property> <property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login"])</property>
<property id='base_category_script'>PersonType_getSecurityCategoryFromSelfShadow</property> <property id='base_category_script'>PersonType_getSecurityCategoryFromSelfShadow</property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Associate'> <role id='Associate'>
<property id='title'>The User Himself</property> <property id='title'>The User Himself</property>
<property id='description'>Monovalued role</property> <property id='description'>Monovalued role</property>
<property id='condition'>python: here.getReference('') != ''</property> <property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login"])</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
......
...@@ -495,13 +495,12 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin): ...@@ -495,13 +495,12 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(person, 'G-COMPANY', ['Assignor']) self.assertRoles(person, 'G-COMPANY', ['Assignor'])
self.assertRoles(person, self.user_id, ['Owner']) self.assertRoles(person, self.user_id, ['Owner'])
def test_TheUserHimself(self): def test_TheUserHimself(self, login_portal_type="ERP5 Login"):
reference = 'TESTPERSON-%s' % self.generateNewId() person = self.portal.person_module.newContent(portal_type='Person')
person = self.portal.person_module.newContent(portal_type='Person', person.newContent(portal_type=login_portal_type)
reference=reference)
person.updateLocalRolesOnSecurityGroups() person.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference shadow_reference = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(person, self.assertSecurityGroup(person,
['G-COMPANY', self.user_id, person.getUserId(), shadow_reference], False) ['G-COMPANY', self.user_id, person.getUserId(), shadow_reference], False)
self.assertRoles(person, 'G-COMPANY', ['Assignor']) self.assertRoles(person, 'G-COMPANY', ['Assignor'])
...@@ -509,6 +508,13 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin): ...@@ -509,6 +508,13 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(person, shadow_reference, ['Auditor']) self.assertRoles(person, shadow_reference, ['Auditor'])
self.assertRoles(person, self.user_id, ['Owner']) self.assertRoles(person, self.user_id, ['Owner'])
# XXX Uncommment once facebook and google login be merged.
# def test_TheUserHimself_Facebook(self):
# self.test_TheUserHimself(login_portal_type="Facebook Login")
# def test_TheUserHimself_Google(self):
# self.test_TheUserHimself(login_portal_type="Google Login")
class TestPersonModule(TestSlapOSGroupRoleSecurityMixin): class TestPersonModule(TestSlapOSGroupRoleSecurityMixin):
def test(self): def test(self):
module = self.portal.person_module module = self.portal.person_module
......
...@@ -141,12 +141,24 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -141,12 +141,24 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
False) False)
def test_Person_setReference(self): def test_Person_setReference(self):
# Due the change of security the interaction workflow don't trigger
# updateLocalRolesOnSecurityGroups.
person = self.portal.person_module.newContent(portal_type='Person') person = self.portal.person_module.newContent(portal_type='Person')
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False) self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
person.edit(reference='TESTPER-%s' % self.generateNewId()) person.edit(reference='TESTPER-%s' % self.generateNewId())
transaction.commit() transaction.commit()
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
def test_Person_newContent(self):
person = self.portal.person_module.newContent(portal_type='Person')
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
person.newContent(portal_type="ERP5 Login")
transaction.commit()
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY', self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY',
person.getUserId(), 'SHADOW-%s' % person.getReference()], False) person.getUserId(), 'SHADOW-%s' % person.getReference()], False)
......
...@@ -52,13 +52,13 @@ ...@@ -52,13 +52,13 @@
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>Person_edit</string> </value> <value> <string>Person_newContent</string> </value>
</item> </item>
<item> <item>
<key> <string>method_id</string> </key> <key> <string>method_id</string> </key>
<value> <value>
<list> <list>
<string>_setReference</string> <string>newContent</string>
</list> </list>
</value> </value>
</item> </item>
...@@ -74,6 +74,12 @@ ...@@ -74,6 +74,12 @@
</list> </list>
</value> </value>
</item> </item>
<item>
<key> <string>portal_type_group_filter</string> </key>
<value>
<none/>
</value>
</item>
<item> <item>
<key> <string>script_name</string> </key> <key> <string>script_name</string> </key>
<value> <value>
......
...@@ -37,23 +37,6 @@ from DateTime import DateTime ...@@ -37,23 +37,6 @@ from DateTime import DateTime
class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase): class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase):
def createPerson(self):
person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
person_user.edit(
title="live_test_%s" % self.new_id,
reference="live_test_%s" % self.new_id,
default_email_text="live_test_%s@example.org" % self.new_id,
)
person_user.validate()
for assignment in person_user.contentValues(portal_type="Assignment"):
assignment.open()
person_user.immediateReindexObject()
transaction.commit()
return person_user
def createComputer(self, person=None): def createComputer(self, person=None):
computer = self.portal.computer_module.newContent( computer = self.portal.computer_module.newContent(
portal_type="Computer", portal_type="Computer",
...@@ -134,7 +117,7 @@ class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase): ...@@ -134,7 +117,7 @@ class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase):
if getattr(self, "person", None) is None: if getattr(self, "person", None) is None:
self.new_id = self.generateNewId() self.new_id = self.generateNewId()
self.person = self.createPerson() self.person = self.makePerson(new_id=self.new_id)
self.computer = self.createComputer(person=self.person) self.computer = self.createComputer(person=self.person)
self.hosting_subscription = self.createHostingSubscription( self.hosting_subscription = self.createHostingSubscription(
person=self.person) person=self.person)
......
...@@ -27,6 +27,7 @@ ...@@ -27,6 +27,7 @@
############################################################################## ##############################################################################
import random import random
import transaction
import unittest import unittest
from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
import functools import functools
...@@ -216,6 +217,39 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -216,6 +217,39 @@ class testSlapOSMixin(ERP5TypeTestCase):
] ]
return result return result
def makePerson(self, new_id=None, index=True, user=True):
if new_id is None:
new_id = self.generateNewId()
# Clone person document
person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
person_user.edit(
title="live_test_%s" % new_id,
reference="live_test_%s" % new_id,
default_email_text="live_test_%s@example.org" % new_id,
)
person_user.validate()
for assignment in person_user.contentValues(portal_type="Assignment"):
assignment.open()
if user:
login = person_user.newContent(
portal_type="ERP5 Login",
reference=person_user.getReference())
login.validate()
if index:
transaction.commit()
person_user.immediateReindexObject()
if user:
login.immediateReindexObject()
return person_user
def _makeTree(self, requested_template_id='template_software_instance'): def _makeTree(self, requested_template_id='template_software_instance'):
new_id = self.generateNewId() new_id = self.generateNewId()
...@@ -229,18 +263,7 @@ class testSlapOSMixin(ERP5TypeTestCase): ...@@ -229,18 +263,7 @@ class testSlapOSMixin(ERP5TypeTestCase):
state="started" state="started"
) )
# Clone person document self.person_user = self.makePerson(new_id=new_id, index=False)
self.person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
self.person_user.edit(
title="live_test_%s" % new_id,
reference="live_test_%s" % new_id,
default_email_text="live_test_%s@example.org" % new_id,
)
self.person_user.validate()
for assignment in self.person_user.contentValues(portal_type="Assignment"):
assignment.open()
self.commit() self.commit()
# prepare part of tree # prepare part of tree
self.hosting_subscription = self.portal.hosting_subscription_module\ self.hosting_subscription = self.portal.hosting_subscription_module\
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment