Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
O
officejs-appstore
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Łukasz Nowak
officejs-appstore
Commits
48119d11
Commit
48119d11
authored
Apr 14, 2017
by
Cédric Le Ninivin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
officejs_test: Initial security Test
parent
2162216b
Changes
8
Show whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
237 additions
and
0 deletions
+237
-0
bt5/officejs_test/TestTemplateItem/portal_components/test.erp5.testOfficeJSSecurity.py
...eItem/portal_components/test.erp5.testOfficeJSSecurity.py
+107
-0
bt5/officejs_test/TestTemplateItem/portal_components/test.erp5.testOfficeJSSecurity.xml
...Item/portal_components/test.erp5.testOfficeJSSecurity.xml
+123
-0
bt5/officejs_test/bt/copyright_list
bt5/officejs_test/bt/copyright_list
+1
-0
bt5/officejs_test/bt/dependency_list
bt5/officejs_test/bt/dependency_list
+2
-0
bt5/officejs_test/bt/maintainer_list
bt5/officejs_test/bt/maintainer_list
+1
-0
bt5/officejs_test/bt/template_format_version
bt5/officejs_test/bt/template_format_version
+1
-0
bt5/officejs_test/bt/template_test_id_list
bt5/officejs_test/bt/template_test_id_list
+1
-0
bt5/officejs_test/bt/title
bt5/officejs_test/bt/title
+1
-0
No files found.
bt5/officejs_test/TestTemplateItem/portal_components/test.erp5.testOfficeJSSecurity.py
0 → 100644
View file @
48119d11
##############################################################################
#
# Copyright (c) 2002-2017 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
##############################################################################
from
Products.ERP5Type.tests.SecurityTestCase
import
SecurityTestCase
#from unittest import expectedFailure
#from zLOG import LOG, INFO, ERROR
import
time
TEST_USER_BASE
=
"test_eos_user"
class
TestOfficeJSSecurity
(
SecurityTestCase
):
def
afterSetUp
(
self
):
"""
This is ran before anything, used to set the environment
"""
pass
def
beforeTearDown
(
self
):
pass
def
getTitle
(
self
):
return
"Test OfficeJS Security"
def
getBusinessTemplateList
(
self
):
"""
Tuple of Business Templates we need to install
"""
return
(
'erp5_base'
,)
def
checkNewMember
(
self
,
person
,
website_id
=
"letitseed"
):
self
.
assertEqual
(
repr
(
sorted
(
person
.
getCareerRoleList
())),
repr
([
"author"
]))
assignment
,
=
person
.
searchFolder
(
portal_type
=
"Assignment"
,
validation_state
=
"open"
)
# not "opened"!
self
.
assertEqual
(
repr
(
sorted
(
assignment
.
getCategoryList
())),
repr
([
"role/author"
]))
def
_newMemberNoTicNoCheck
(
self
,
tag
=
"user_creation_in_progress"
,
first_name
=
"John_test"
,
last_name
=
"Smith_test"
,
reference
=
TEST_USER_BASE
,
email
=
"john.smith@test.com"
,
special_id
=
None
):
"""
Add new member using script for the website sign-in
"""
if
special_id
is
not
None
:
reference
+=
"%s"
%
special_id
else
:
reference
+=
"%s"
%
time
.
time
()
# XXX
user_list
=
self
.
portal
.
portal_catalog
(
portal_type
=
"Person"
,
reference
=
reference
)
self
.
assertEqual
(
len
(
user_list
),
0
)
user
=
self
.
portal
.
person_module
.
newContent
(
portal_type
=
"Person"
,
reference
=
reference
,
first_name
=
first_name
,
last_name
=
last_name
,
default_email_coordinate_text
=
email
,
)
user
.
validate
()
assignment
=
user
.
newContent
(
portal_type
=
"Assignment"
,
title
=
reference
)
assignment
.
setCategoryList
([
"role/author"
])
assignment
.
open
()
user
.
setCareerRoleList
([
"author"
])
return
user
def
_newMemberAndTic
(
self
,
*
args
,
**
kwargs
):
user
=
self
.
_newMemberNoTicNoCheck
(
*
args
,
**
kwargs
)
self
.
tic
()
self
.
checkNewMember
(
user
)
return
user
def
test_01_user_see_itself_but_noone_else
(
self
):
person
=
self
.
_newMemberNoTicNoCheck
()
second_user
=
self
.
_newMemberNoTicNoCheck
(
special_id
=
"%s_3"
%
time
.
time
())
self
.
tic
()
self
.
failUnlessUserCanViewDocument
(
person
.
getUserId
(),
person
)
self
.
failIfUserCanModifyDocument
(
person
.
getUserId
(),
person
)
self
.
failIfUserCanViewDocument
(
second_user
.
getUserId
(),
person
)
bt5/officejs_test/TestTemplateItem/portal_components/test.erp5.testOfficeJSSecurity.xml
0 → 100644
View file @
48119d11
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Test Component"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_recorded_property_dict
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAI=
</string>
</persistent>
</value>
</item>
<item>
<key>
<string>
default_reference
</string>
</key>
<value>
<string>
testOfficeJSSecurity
</string>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
test.erp5.testOfficeJSSecurity
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Test Component
</string>
</value>
</item>
<item>
<key>
<string>
sid
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
text_content_error_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
text_content_warning_message
</string>
</key>
<value>
<tuple/>
</value>
</item>
<item>
<key>
<string>
version
</string>
</key>
<value>
<string>
erp5
</string>
</value>
</item>
<item>
<key>
<string>
workflow_history
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAM=
</string>
</persistent>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"2"
aka=
"AAAAAAAAAAI="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary/>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"3"
aka=
"AAAAAAAAAAM="
>
<pickle>
<global
name=
"PersistentMapping"
module=
"Persistence.mapping"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
data
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
component_validation_workflow
</string>
</key>
<value>
<persistent>
<string
encoding=
"base64"
>
AAAAAAAAAAQ=
</string>
</persistent>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</pickle>
</record>
<record
id=
"4"
aka=
"AAAAAAAAAAQ="
>
<pickle>
<global
name=
"WorkflowHistoryList"
module=
"Products.ERP5Type.patches.WorkflowTool"
/>
</pickle>
<pickle>
<tuple>
<none/>
<list>
<dictionary>
<item>
<key>
<string>
action
</string>
</key>
<value>
<string>
validate
</string>
</value>
</item>
<item>
<key>
<string>
validation_state
</string>
</key>
<value>
<string>
validated
</string>
</value>
</item>
</dictionary>
</list>
</tuple>
</pickle>
</record>
</ZopeData>
bt5/officejs_test/bt/copyright_list
0 → 100644
View file @
48119d11
2017
\ No newline at end of file
bt5/officejs_test/bt/dependency_list
0 → 100644
View file @
48119d11
officejs_base
officejs_security
\ No newline at end of file
bt5/officejs_test/bt/maintainer_list
0 → 100644
View file @
48119d11
Cédric Le Ninivin
\ No newline at end of file
bt5/officejs_test/bt/template_format_version
0 → 100644
View file @
48119d11
1
\ No newline at end of file
bt5/officejs_test/bt/template_test_id_list
0 → 100644
View file @
48119d11
test.erp5.testOfficeJSSecurity
\ No newline at end of file
bt5/officejs_test/bt/title
0 → 100644
View file @
48119d11
officejs_test
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment