[Erp5-report] r10626 - in /erp5/trunk/products: ERP5Security/tests/ ERP5Type/patches/
nobody at svn.erp5.org
nobody at svn.erp5.org
Mon Oct 9 11:31:37 CEST 2006
Author: jerome
Date: Mon Oct 9 11:31:33 2006
New Revision: 10626
URL: http://svn.erp5.org?rev=10626&view=rev
Log:
Enable the patch on PropertiedUser to block local roles acquisition.
Add corresponding testing.
Modified:
erp5/trunk/products/ERP5Security/tests/testERP5Security.py
erp5/trunk/products/ERP5Type/patches/PropertiedUser.py
Modified: erp5/trunk/products/ERP5Security/tests/testERP5Security.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/tests/testERP5Security.py?rev=10626&r1=10625&r2=10626&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/tests/testERP5Security.py (original)
+++ erp5/trunk/products/ERP5Security/tests/testERP5Security.py Mon Oct 9 11:31:33 2006
@@ -262,6 +262,9 @@
def _getTypeInfo(self):
return self.getTypesTool()['Organisation']
+
+ def _getModuleTypeInfo(self):
+ return self.getTypesTool()['Organisation Module']
def _makeOne(self):
return self.getOrganisationModule().newContent(portal_type='Organisation')
@@ -318,7 +321,32 @@
getSecurityManager().getUser().getRolesInContext(obj))
def testAcquireLocalRoles(self):
- return NotImplemented # TODO
+ """Tests that document does not acquire loal roles from their parents if
+ "acquire local roles" is not checked."""
+ ti = self._getTypeInfo()
+ ti.acquire_local_roles = False
+ module_ti = self._getModuleTypeInfo()
+ module_ti.addRole(id='Assignor', description='desc.',
+ name='an Assignor role for testing',
+ condition='',
+ category=self.defined_category,
+ base_category_script='ERP5Type_getSecurityCategoryFromAssignment',
+ base_category='')
+ obj = self._makeOne()
+ module = obj.getParentValue()
+ module.updateLocalRolesOnSecurityGroups()
+ # we said the we do not want acquire local roles.
+ self.failIf(obj._getAcquireLocalRoles())
+ # the local role is set on the module
+ self.assertEquals(['Assignor'], module.__ac_local_roles__.get('F1_G1_S1'))
+ # but not on the document
+ self.assertEquals(None, obj.__ac_local_roles__.get('F1_G1_S1'))
+ # same testing with roles in context.
+ self.loginAsUser(self.username)
+ self.failUnless('Assignor' in
+ getSecurityManager().getUser().getRolesInContext(module))
+ self.failIf('Assignor' in
+ getSecurityManager().getUser().getRolesInContext(obj))
if __name__ == '__main__':
framework()
Modified: erp5/trunk/products/ERP5Type/patches/PropertiedUser.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/patches/PropertiedUser.py?rev=10626&r1=10625&r2=10626&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/patches/PropertiedUser.py (original)
+++ erp5/trunk/products/ERP5Type/patches/PropertiedUser.py Mon Oct 9 11:31:33 2006
@@ -19,7 +19,9 @@
from Acquisition import aq_inner, aq_parent
try:
- from PluggableAuthService.PropertiedUser import PropertiedUser
+ from Products.PluggableAuthService.PropertiedUser import PropertiedUser
+ from Products.PluggableAuthService.PropertiedUser import\
+ _what_not_even_god_should_do
except ImportError:
PropertiedUser = None
More information about the Erp5-report
mailing list