diff --git a/product/ERP5/tests/testBase.py b/product/ERP5/tests/testBase.py index e69ba629657621f1640608537214844758d9efc7..e5432e5316d49462be4d83acff8066f9fdfb20b7 100644 --- a/product/ERP5/tests/testBase.py +++ b/product/ERP5/tests/testBase.py @@ -72,6 +72,8 @@ class TestBase(ERP5TypeTestCase): defined_property_value = "a_wonderful_title" not_related_to_temp_object_property_id = "string_index" not_related_to_temp_object_property_value = "a_great_index" + + username = 'rc' def getTitle(self): return "Base" @@ -83,8 +85,8 @@ class TestBase(ERP5TypeTestCase): def login(self): uf = self.getPortal().acl_users - uf._doAddUser('rc', '', ['Manager'], []) - user = uf.getUserById('rc').__of__(uf) + uf._doAddUser(self.username, '', ['Manager'], []) + user = uf.getUserById(self.username).__of__(uf) newSecurityManager(None, user) def afterSetUp(self): @@ -961,6 +963,26 @@ class TestBase(ERP5TypeTestCase): props['chain_%s' % id] = ','.join(wf_ids) pw.manage_changeWorkflows('', props = props) + def test_getViewPermissionOwnerDefault(self): + """Test getViewPermissionOwner method behaviour""" + portal = self.getPortal() + obj = portal.organisation_module.newContent(portal_type='Organisation') + self.assertEquals(self.username, obj.getViewPermissionOwner()) + + def test_getViewPermissionOwnerNoOwnerLocalRole(self): + # the actual owner doesn't have Owner local role + portal = self.getPortal() + obj = portal.organisation_module.newContent(portal_type='Organisation') + obj.manage_delLocalRoles(self.username) + self.assertEquals(self.username, obj.getViewPermissionOwner()) + + def test_getViewPermissionOwnerNoViewPermission(self): + # the owner cannot view the object + portal = self.getPortal() + obj = portal.organisation_module.newContent(portal_type='Organisation') + obj.manage_permission('View', [], 0) + self.assertEquals(None, obj.getViewPermissionOwner()) + class TestERP5PropertyManager(unittest.TestCase): """Tests for ERP5PropertyManager. diff --git a/product/ERP5Catalog/tests/testERP5Catalog.py b/product/ERP5Catalog/tests/testERP5Catalog.py index 66c8f0a614514e897fbb216ff83a08abdc89bf20..9ea50dee74e36cadd0a23a86f230d37d3c419917 100644 --- a/product/ERP5Catalog/tests/testERP5Catalog.py +++ b/product/ERP5Catalog/tests/testERP5Catalog.py @@ -68,6 +68,7 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor): # Different variables used for this test run_all_test = 1 quiet = 0 + username = 'seb' def afterSetUp(self): self.login() @@ -85,8 +86,8 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor): def login(self): uf = self.getPortal().acl_users - uf._doAddUser('seb', '', ['Manager'], []) - user = uf.getUserById('seb').__of__(uf) + uf._doAddUser(self.username, '', ['Manager'], []) + user = uf.getUserById(self.username).__of__(uf) newSecurityManager(None, user) def getSQLPathList(self,connection_id=None): @@ -1802,6 +1803,23 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor): sql_src = self.getCatalogTool()(src__=1,**catalog_kw) self.failUnless('TRUNCATE(catalog.uid,2) = 2567.54' in sql_src) + def test_SearchOnOwner(self): + # owner= can be used a search key in the catalog to have all documents for + # a specific owner and on which he have the View permission. + obj = self._makeOrganisation(title='The Document') + obj2 = self._makeOrganisation(title='The Document') + obj2.manage_permission('View', [], 0) + obj2.reindexObject() + get_transaction().commit() + self.tic() + ctool = self.getCatalogTool() + self.assertEquals([obj], [x.getObject() for x in + ctool(title='The Document', + owner=self.username)]) + self.assertEquals([], [x.getObject() for x in + ctool(title='The Document', + owner='somebody else')]) + if __name__ == '__main__': framework() else: diff --git a/product/ERP5Type/Base.py b/product/ERP5Type/Base.py index fb906bdd7bb5db1150900e5a88220c87d47268f2..2356a0a7f773f7189f8213de02f7924cf6b0239f 100644 --- a/product/ERP5Type/Base.py +++ b/product/ERP5Type/Base.py @@ -1432,13 +1432,12 @@ class Base( CopyContainer, security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' ) def getViewPermissionOwner(self): """ - Returns the user ID of the owner if Owner role - has View permission. Returns None else. + Returns the user ID of the owner if this user has View permission, + otherwise returns None. """ - path, user_id = self.getOwnerTuple() - if 'Owner' in rolesForPermissionOn(Permissions.View, self): - path, user_id = self.getOwnerTuple() - return user_id + owner = self.getWrappedOwner() + if owner is not None and owner.has_permission(Permissions.View, self): + return str(owner) return None # Private accessors for the implementation of relations based on