Commit 34cb2c7b authored by Jérome Perrin's avatar Jérome Perrin

Enable the patch on PropertiedUser to block local roles acquisition.

Add corresponding testing.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10626 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 6154a34c
...@@ -263,6 +263,9 @@ class TestLocalRoleManagement(ERP5TypeTestCase): ...@@ -263,6 +263,9 @@ class TestLocalRoleManagement(ERP5TypeTestCase):
def _getTypeInfo(self): def _getTypeInfo(self):
return self.getTypesTool()['Organisation'] return self.getTypesTool()['Organisation']
def _getModuleTypeInfo(self):
return self.getTypesTool()['Organisation Module']
def _makeOne(self): def _makeOne(self):
return self.getOrganisationModule().newContent(portal_type='Organisation') return self.getOrganisationModule().newContent(portal_type='Organisation')
...@@ -318,7 +321,32 @@ class TestLocalRoleManagement(ERP5TypeTestCase): ...@@ -318,7 +321,32 @@ class TestLocalRoleManagement(ERP5TypeTestCase):
getSecurityManager().getUser().getRolesInContext(obj)) getSecurityManager().getUser().getRolesInContext(obj))
def testAcquireLocalRoles(self): def testAcquireLocalRoles(self):
return NotImplemented # TODO """Tests that document does not acquire loal roles from their parents if
"acquire local roles" is not checked."""
ti = self._getTypeInfo()
ti.acquire_local_roles = False
module_ti = self._getModuleTypeInfo()
module_ti.addRole(id='Assignor', description='desc.',
name='an Assignor role for testing',
condition='',
category=self.defined_category,
base_category_script='ERP5Type_getSecurityCategoryFromAssignment',
base_category='')
obj = self._makeOne()
module = obj.getParentValue()
module.updateLocalRolesOnSecurityGroups()
# we said the we do not want acquire local roles.
self.failIf(obj._getAcquireLocalRoles())
# the local role is set on the module
self.assertEquals(['Assignor'], module.__ac_local_roles__.get('F1_G1_S1'))
# but not on the document
self.assertEquals(None, obj.__ac_local_roles__.get('F1_G1_S1'))
# same testing with roles in context.
self.loginAsUser(self.username)
self.failUnless('Assignor' in
getSecurityManager().getUser().getRolesInContext(module))
self.failIf('Assignor' in
getSecurityManager().getUser().getRolesInContext(obj))
if __name__ == '__main__': if __name__ == '__main__':
framework() framework()
......
...@@ -19,7 +19,9 @@ ...@@ -19,7 +19,9 @@
from Acquisition import aq_inner, aq_parent from Acquisition import aq_inner, aq_parent
try: try:
from PluggableAuthService.PropertiedUser import PropertiedUser from Products.PluggableAuthService.PropertiedUser import PropertiedUser
from Products.PluggableAuthService.PropertiedUser import\
_what_not_even_god_should_do
except ImportError: except ImportError:
PropertiedUser = None PropertiedUser = None
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment