From 99de00d94017f592bbc80da0011931f3cb0608af Mon Sep 17 00:00:00 2001 From: Rafael Monnerat <rafael@nexedi.com> Date: Thu, 24 Jan 2013 12:34:37 -0200 Subject: [PATCH] Make possible test Security for Anonymous With this change, by using "None" instead username at any SecurityTestCase assertion, it test security as Anonymous. ie.: self.failIfUserCanViewDocument(None, document) --- product/ERP5Type/tests/SecurityTestCase.py | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/product/ERP5Type/tests/SecurityTestCase.py b/product/ERP5Type/tests/SecurityTestCase.py index 415e9374c8..8f7ce7a466 100644 --- a/product/ERP5Type/tests/SecurityTestCase.py +++ b/product/ERP5Type/tests/SecurityTestCase.py @@ -33,6 +33,7 @@ from pprint import pformat from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManagement import getSecurityManager from AccessControl.SecurityManagement import setSecurityManager +from AccessControl import SpecialUsers from Products.DCWorkflow.Transitions import TRIGGER_USER_ACTION from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase @@ -128,11 +129,15 @@ class SecurityTestCase(ERP5TypeTestCase): def _loginAsUser(self, username): """Login as a given username. The user must exist. + In case Username is None, we consider test as Anonymous. """ - uf = self.getPortal().acl_users - user = uf.getUserById(username) - self.assertNotEquals(user, None, 'No user %s' % username) - newSecurityManager(None, user.__of__(uf)) + if username is None: + newSecurityManager(None, SpecialUsers.nobody) + else: + uf = self.getPortal().acl_users + user = uf.getUserById(username) + self.assertNotEquals(user, None, 'No user %s' % username) + newSecurityManager(None, user.__of__(uf)) # Permission methods failIfUserCanViewDocument = AssertNoPermissionMethod( -- 2.30.9