From 99de00d94017f592bbc80da0011931f3cb0608af Mon Sep 17 00:00:00 2001
From: Rafael Monnerat <rafael@nexedi.com>
Date: Thu, 24 Jan 2013 12:34:37 -0200
Subject: [PATCH] Make possible test Security for Anonymous

 With this change, by using "None" instead username at any SecurityTestCase
 assertion, it test security as Anonymous. ie.:
   self.failIfUserCanViewDocument(None, document)
---
 product/ERP5Type/tests/SecurityTestCase.py | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/product/ERP5Type/tests/SecurityTestCase.py b/product/ERP5Type/tests/SecurityTestCase.py
index 415e9374c8..8f7ce7a466 100644
--- a/product/ERP5Type/tests/SecurityTestCase.py
+++ b/product/ERP5Type/tests/SecurityTestCase.py
@@ -33,6 +33,7 @@ from pprint import pformat
 from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl.SecurityManagement import getSecurityManager
 from AccessControl.SecurityManagement import setSecurityManager
+from AccessControl import SpecialUsers
 from Products.DCWorkflow.Transitions import TRIGGER_USER_ACTION
 
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
@@ -128,11 +129,15 @@ class SecurityTestCase(ERP5TypeTestCase):
 
   def _loginAsUser(self, username):
     """Login as a given username. The user must exist.
+       In case Username is None, we consider test as Anonymous.
     """
-    uf = self.getPortal().acl_users
-    user = uf.getUserById(username)
-    self.assertNotEquals(user, None, 'No user %s' % username)
-    newSecurityManager(None, user.__of__(uf))
+    if username is None:
+      newSecurityManager(None, SpecialUsers.nobody)
+    else:
+      uf = self.getPortal().acl_users
+      user = uf.getUserById(username)
+      self.assertNotEquals(user, None, 'No user %s' % username)
+      newSecurityManager(None, user.__of__(uf))
   
   # Permission methods
   failIfUserCanViewDocument = AssertNoPermissionMethod(
-- 
2.30.9