in getViewPermissionOwner, check that the owner can view the document, not that

the Owner role has the view permission. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15739 20353a03-c40f-0410-a6d1-a30d3c3de9de

in getViewPermissionOwner, check that the owner can view the document, not that
the Owner role has the view permission. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15739 20353a03-c40f-0410-a6d1-a30d3c3de9de
e8eae8a8 · Jérome Perrin · bdf92857 · e8eae8a8 · e8eae8a8 · e8eae8a8
Commit e8eae8a8 authored Aug 17, 2007 by Jérome Perrin
3 changed files
--- a/product/ERP5/tests/testBase.py
+++ b/product/ERP5/tests/testBase.py
@@ -72,6 +72,8 @@ class TestBase(ERP5TypeTestCase):
  defined_property_value = "a_wonderful_title"
  not_related_to_temp_object_property_id = "string_index"
  not_related_to_temp_object_property_value = "a_great_index"
+  
+  username = 'rc'

  def getTitle(self):
    return "Base"
@@ -83,8 +85,8 @@ class TestBase(ERP5TypeTestCase):

  def login(self):
    uf = self.getPortal().acl_users
-    uf._doAddUser('rc', '', ['Manager'], [])
-    user = uf.getUserById('rc').__of__(uf)
+    uf._doAddUser(self.username, '', ['Manager'], [])
+    user = uf.getUserById(self.username).__of__(uf)
    newSecurityManager(None, user)

  def afterSetUp(self):
@@ -961,6 +963,26 @@ class TestBase(ERP5TypeTestCase):
        props['chain_%s' % id] = ','.join(wf_ids)
      pw.manage_changeWorkflows('', props = props)

+  def test_getViewPermissionOwnerDefault(self):
+    """Test getViewPermissionOwner method behaviour"""
+    portal = self.getPortal()
+    obj = portal.organisation_module.newContent(portal_type='Organisation')
+    self.assertEquals(self.username, obj.getViewPermissionOwner())
+
+  def test_getViewPermissionOwnerNoOwnerLocalRole(self):
+    # the actual owner doesn't have Owner local role
+    portal = self.getPortal()
+    obj = portal.organisation_module.newContent(portal_type='Organisation')
+    obj.manage_delLocalRoles(self.username)
+    self.assertEquals(self.username, obj.getViewPermissionOwner())
+
+  def test_getViewPermissionOwnerNoViewPermission(self):
+    # the owner cannot view the object
+    portal = self.getPortal()
+    obj = portal.organisation_module.newContent(portal_type='Organisation')
+    obj.manage_permission('View', [], 0)
+    self.assertEquals(None, obj.getViewPermissionOwner())
+

 class TestERP5PropertyManager(unittest.TestCase):
  """Tests for ERP5PropertyManager.

--- a/product/ERP5Catalog/tests/testERP5Catalog.py
+++ b/product/ERP5Catalog/tests/testERP5Catalog.py
@@ -68,6 +68,7 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
  # Different variables used for this test
  run_all_test = 1
  quiet = 0
+  username = 'seb'

  def afterSetUp(self):
    self.login()
@@ -85,8 +86,8 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):

  def login(self):
    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
+    uf._doAddUser(self.username, '', ['Manager'], [])
+    user = uf.getUserById(self.username).__of__(uf)
    newSecurityManager(None, user)

  def getSQLPathList(self,connection_id=None):
@@ -1802,6 +1803,23 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
    sql_src = self.getCatalogTool()(src__=1,**catalog_kw)
    self.failUnless('TRUNCATE(catalog.uid,2) = 2567.54' in sql_src)

+  def test_SearchOnOwner(self):
+    # owner= can be used a search key in the catalog to have all documents for
+    # a specific owner and on which he have the View permission.
+    obj = self._makeOrganisation(title='The Document')
+    obj2 = self._makeOrganisation(title='The Document')
+    obj2.manage_permission('View', [], 0)
+    obj2.reindexObject()
+    get_transaction().commit()
+    self.tic()
+    ctool = self.getCatalogTool()
+    self.assertEquals([obj], [x.getObject() for x in
+                                   ctool(title='The Document',
+                                         owner=self.username)])
+    self.assertEquals([], [x.getObject() for x in
+                                   ctool(title='The Document',
+                                         owner='somebody else')])
+
 if __name__ == '__main__':
    framework()
 else:

--- a/product/ERP5Type/Base.py
+++ b/product/ERP5Type/Base.py
@@ -1432,13 +1432,12 @@ class Base( CopyContainer,
  security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' )
  def getViewPermissionOwner(self):
    """
-      Returns the user ID of the owner if Owner role
-      has View permission. Returns None else.
+      Returns the user ID of the owner if this user has View permission,
+      otherwise returns None.
    """
-    path, user_id = self.getOwnerTuple()
-    if 'Owner' in rolesForPermissionOn(Permissions.View, self):
-      path, user_id = self.getOwnerTuple()
-      return user_id
+    owner = self.getWrappedOwner()
+    if owner is not None and owner.has_permission(Permissions.View, self):
+      return str(owner)
    return None

  # Private accessors for the implementation of relations based on