Commit 4f275edf authored by Nicolas Delaby's avatar Nicolas Delaby

Test Security Cataloging with ERP5Security

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19173 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent a8762692
......@@ -1708,6 +1708,73 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
local_roles='Assignee')[0][0])
def test_50_bis_LocalRolesArgumentWithERP5Security(self, quiet=quiet, run=run_all_test):
"""test local_roles= argument with ERP5Security
"""
if not run: return
if not quiet:
message = 'local_roles= argument with ERP5Security'
ZopeTestCase._print('\n%s ' % message)
LOG('Testing... ',0,message)
login = PortalTestCase.login
#Testing Security By ERP5Security Role Generation
#Create Categories and PortalType RoleInformation
self.login()
folder = self.getOrganisationModule()
ob1 = folder.newContent(title='Object Title')
ob2 = folder.newContent(title='Object Title')
ob2.manage_addLocalRoles('bob', ['Assignee'])
cat_tool = self.getPortal().portal_categories
cat_tool.group.newContent(id='company', portal_type='Category')
cat_tool.function.newContent(id='employee', portal_type='Category')
from Products.ERP5Type.RoleInformation import RoleInformation
role_auditor_inf = RoleInformation(id='Auditor',
title='Auditor',
category=('group/company',))
role_assignee_inf = RoleInformation(id='Assignee',
title='Assignee',
category=('group/company',
'function/employee',))
pt = self.getPortal().portal_types.Organisation
pt._roles = (role_auditor_inf, role_assignee_inf)
uf = self.getPortal().acl_users
uf._doAddUser('bob', '', ['Member'], [])
get_transaction().commit()
self.tic()
#Now Update Security
ob1.updateLocalRolesOnSecurityGroups()
ob1.manage_permission('View', ['Auditor', 'Assignor'], 0)
ob1.reindexObject()
#Remove Roles On Organisation Portal Type
pt._roles = ()
get_transaction().commit()
self.tic()
login(self, 'bob')
ctool = self.getCatalogTool()
user = getSecurityManager().getUser()
user._groups.update({'company':1,
'employee_company':1})
self.assertTrue(user.has_permission('View', ob1))
self.assertTrue(user.has_role('Auditor', ob1))
self.assertTrue(user.has_role('Assignee', ob1))
self.assertFalse(user.has_role('Assignor', ob1))
from AccessControl.PermissionRole import rolesForPermissionOn
self.assertTrue('Assignee' not in rolesForPermissionOn('View', ob1))
self.assertEquals(2, len(ctool(title='Object Title',
local_roles='Assignee')))
self.assertEquals(2,
ctool.countResults(title='Object Title',
local_roles='Assignee')[0][0])
# this also work for searchFolder and countFolder
self.assertEquals(2, len(folder.searchFolder(title='Object Title',
local_roles='Assignee')))
self.assertEquals(2, folder.countFolder(title='Object Title',
local_roles='Assignee')[0][0])
def test_51_SearchWithKeyWords(self, quiet=quiet, run=run_all_test):
if not run: return
if not quiet:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment