Commit a4e218ee authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Don't set local roles if the Person isn't a real user.

 Check if the user has a login subobject before set local roles on the user.
 Reference is never None.
parent def4fc25
......@@ -7,14 +7,14 @@
<role id='Auditor'>
<property id='title'>The Shadow User Himself</property>
<property id='description'>Monovalued role</property>
<property id='condition'>python: here.getReference('') != ''</property>
<property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login"])</property>
<property id='base_category_script'>PersonType_getSecurityCategoryFromSelfShadow</property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Associate'>
<property id='title'>The User Himself</property>
<property id='description'>Monovalued role</property>
<property id='condition'>python: here.getReference('') != ''</property>
<property id='condition'>python: here.objectValues(portal_type=["ERP5 Login", "Google Login", "Facebook Login"])</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property>
<multi_property id='base_category'>group</multi_property>
</role>
......
......@@ -495,13 +495,12 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(person, 'G-COMPANY', ['Assignor'])
self.assertRoles(person, self.user_id, ['Owner'])
def test_TheUserHimself(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
def test_TheUserHimself(self, login_portal_type="ERP5 Login"):
person = self.portal.person_module.newContent(portal_type='Person')
person.newContent(portal_type=login_portal_type)
person.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference
shadow_reference = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(person,
['G-COMPANY', self.user_id, person.getUserId(), shadow_reference], False)
self.assertRoles(person, 'G-COMPANY', ['Assignor'])
......@@ -509,6 +508,13 @@ class TestPerson(TestSlapOSGroupRoleSecurityMixin):
self.assertRoles(person, shadow_reference, ['Auditor'])
self.assertRoles(person, self.user_id, ['Owner'])
# XXX Uncommment once facebook and google login be merged.
# def test_TheUserHimself_Facebook(self):
# self.test_TheUserHimself(login_portal_type="Facebook Login")
# def test_TheUserHimself_Google(self):
# self.test_TheUserHimself(login_portal_type="Google Login")
class TestPersonModule(TestSlapOSGroupRoleSecurityMixin):
def test(self):
module = self.portal.person_module
......
......@@ -141,12 +141,24 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
False)
def test_Person_setReference(self):
# Due the change of security the interaction workflow don't trigger
# updateLocalRolesOnSecurityGroups.
person = self.portal.person_module.newContent(portal_type='Person')
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
person.edit(reference='TESTPER-%s' % self.generateNewId())
transaction.commit()
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
def test_Person_newContent(self):
person = self.portal.person_module.newContent(portal_type='Person')
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
person.newContent(portal_type="ERP5 Login")
transaction.commit()
self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY',
person.getUserId(), 'SHADOW-%s' % person.getReference()], False)
......
......@@ -52,13 +52,13 @@
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Person_edit</string> </value>
<value> <string>Person_newContent</string> </value>
</item>
<item>
<key> <string>method_id</string> </key>
<value>
<list>
<string>_setReference</string>
<string>newContent</string>
</list>
</value>
</item>
......@@ -74,6 +74,12 @@
</list>
</value>
</item>
<item>
<key> <string>portal_type_group_filter</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>script_name</string> </key>
<value>
......
......@@ -37,23 +37,6 @@ from DateTime import DateTime
class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase):
def createPerson(self):
person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
person_user.edit(
title="live_test_%s" % self.new_id,
reference="live_test_%s" % self.new_id,
default_email_text="live_test_%s@example.org" % self.new_id,
)
person_user.validate()
for assignment in person_user.contentValues(portal_type="Assignment"):
assignment.open()
person_user.immediateReindexObject()
transaction.commit()
return person_user
def createComputer(self, person=None):
computer = self.portal.computer_module.newContent(
portal_type="Computer",
......@@ -134,7 +117,7 @@ class SlapOSWebMixin(testSlapOSMixin, SecurityTestCase):
if getattr(self, "person", None) is None:
self.new_id = self.generateNewId()
self.person = self.createPerson()
self.person = self.makePerson(new_id=self.new_id)
self.computer = self.createComputer(person=self.person)
self.hosting_subscription = self.createHostingSubscription(
person=self.person)
......
......@@ -27,6 +27,7 @@
##############################################################################
import random
import transaction
import unittest
from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
import functools
......@@ -216,6 +217,39 @@ class testSlapOSMixin(ERP5TypeTestCase):
]
return result
def makePerson(self, new_id=None, index=True, user=True):
if new_id is None:
new_id = self.generateNewId()
# Clone person document
person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
person_user.edit(
title="live_test_%s" % new_id,
reference="live_test_%s" % new_id,
default_email_text="live_test_%s@example.org" % new_id,
)
person_user.validate()
for assignment in person_user.contentValues(portal_type="Assignment"):
assignment.open()
if user:
login = person_user.newContent(
portal_type="ERP5 Login",
reference=person_user.getReference())
login.validate()
if index:
transaction.commit()
person_user.immediateReindexObject()
if user:
login.immediateReindexObject()
return person_user
def _makeTree(self, requested_template_id='template_software_instance'):
new_id = self.generateNewId()
......@@ -229,18 +263,7 @@ class testSlapOSMixin(ERP5TypeTestCase):
state="started"
)
# Clone person document
self.person_user = self.portal.person_module.template_member.\
Base_createCloneDocument(batch_mode=1)
self.person_user.edit(
title="live_test_%s" % new_id,
reference="live_test_%s" % new_id,
default_email_text="live_test_%s@example.org" % new_id,
)
self.person_user.validate()
for assignment in self.person_user.contentValues(portal_type="Assignment"):
assignment.open()
self.person_user = self.makePerson(new_id=new_id, index=False)
self.commit()
# prepare part of tree
self.hosting_subscription = self.portal.hosting_subscription_module\
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment