diff --git a/product/ERP5Security/tests/testERP5Security.py b/product/ERP5Security/tests/testERP5Security.py index e56d29e523eb7eea545e481830a08fff11e94aed..36ae03ba794494fbd23d9f52185d5b6241ddab3b 100644 --- a/product/ERP5Security/tests/testERP5Security.py +++ b/product/ERP5Security/tests/testERP5Security.py @@ -263,6 +263,9 @@ class TestLocalRoleManagement(ERP5TypeTestCase): def _getTypeInfo(self): return self.getTypesTool()['Organisation'] + def _getModuleTypeInfo(self): + return self.getTypesTool()['Organisation Module'] + def _makeOne(self): return self.getOrganisationModule().newContent(portal_type='Organisation') @@ -318,7 +321,32 @@ class TestLocalRoleManagement(ERP5TypeTestCase): getSecurityManager().getUser().getRolesInContext(obj)) def testAcquireLocalRoles(self): - return NotImplemented # TODO + """Tests that document does not acquire loal roles from their parents if + "acquire local roles" is not checked.""" + ti = self._getTypeInfo() + ti.acquire_local_roles = False + module_ti = self._getModuleTypeInfo() + module_ti.addRole(id='Assignor', description='desc.', + name='an Assignor role for testing', + condition='', + category=self.defined_category, + base_category_script='ERP5Type_getSecurityCategoryFromAssignment', + base_category='') + obj = self._makeOne() + module = obj.getParentValue() + module.updateLocalRolesOnSecurityGroups() + # we said the we do not want acquire local roles. + self.failIf(obj._getAcquireLocalRoles()) + # the local role is set on the module + self.assertEquals(['Assignor'], module.__ac_local_roles__.get('F1_G1_S1')) + # but not on the document + self.assertEquals(None, obj.__ac_local_roles__.get('F1_G1_S1')) + # same testing with roles in context. + self.loginAsUser(self.username) + self.failUnless('Assignor' in + getSecurityManager().getUser().getRolesInContext(module)) + self.failIf('Assignor' in + getSecurityManager().getUser().getRolesInContext(obj)) if __name__ == '__main__': framework() diff --git a/product/ERP5Type/patches/PropertiedUser.py b/product/ERP5Type/patches/PropertiedUser.py index 8d9749e35fcf651638364370d9bc95ce90936f36..eaeac773926d5cc5b37fbaabd2b96553861fe58e 100644 --- a/product/ERP5Type/patches/PropertiedUser.py +++ b/product/ERP5Type/patches/PropertiedUser.py @@ -19,7 +19,9 @@ from Acquisition import aq_inner, aq_parent try: - from PluggableAuthService.PropertiedUser import PropertiedUser + from Products.PluggableAuthService.PropertiedUser import PropertiedUser + from Products.PluggableAuthService.PropertiedUser import\ + _what_not_even_god_should_do except ImportError: PropertiedUser = None