[Erp5-report] r15915 - in /erp5/trunk/products/ERP5Security: ./ tests/

nobody at svn.erp5.org nobody at svn.erp5.org
Wed Aug 29 17:10:12 CEST 2007 

Author: aurel
Date: Wed Aug 29 17:10:11 2007
New Revision: 15915

URL: http://svn.erp5.org?rev=15915&view=rev
Log:
do not check if user has internal role but if he has an open
assignment
add & modify unit test for this

Modified:
    erp5/trunk/products/ERP5Security/ERP5UserManager.py
    erp5/trunk/products/ERP5Security/tests/testERP5Security.py

Modified: erp5/trunk/products/ERP5Security/ERP5UserManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5UserManager.py?rev=15915&r1=15914&r2=15915&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5UserManager.py (original)
+++ erp5/trunk/products/ERP5Security/ERP5UserManager.py Wed Aug 29 17:10:11 2007
@@ -99,8 +99,10 @@
             if sm.getUser().getId() != SUPER_USER:
               newSecurityManager(self, self.getUser(SUPER_USER))
             try:
-              if pw_validate(user.getPassword(), password) and\
-                  user.getCareerRole() == 'internal':
+              # get assignment
+              assignment_list = [x for x in user.contentValues(portal_type="Assignment") if x.getValidationState() == "open"]
+              if pw_validate(user.getPassword(), password) and \
+                     len(assignment_list): #user.getCareerRole() == 'internal':
                 return login, login # use same for user_id and login
             finally:
               setSecurityManager(sm)

Modified: erp5/trunk/products/ERP5Security/tests/testERP5Security.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/tests/testERP5Security.py?rev=15915&r1=15914&r2=15915&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/tests/testERP5Security.py (original)
+++ erp5/trunk/products/ERP5Security/tests/testERP5Security.py Wed Aug 29 17:10:11 2007
@@ -95,12 +95,15 @@
     self.failUnless(isinstance(self.getUserFolder(),
         PluggableAuthService.PluggableAuthService))
 
-  def _makePerson(self, **kw):
+  def _makePerson(self, open_assignment=1, **kw):
     """Creates a person in person module, and returns the object, after
     indexing is done. """
     person_module = self.getPersonModule()
     new_person = person_module.newContent(
                      portal_type='Person', **kw)
+    assignment = new_person.newContent(portal_type = 'Assignment')
+    if open_assignment:
+      assignment.open()
     get_transaction().commit()
     self.tic()
     return new_person
@@ -139,35 +142,36 @@
 
   def test_PersonWithLoginPasswordAreUsers(self):
     """Tests a person with a login & password is a valid user."""
-    p = self._makePerson(reference='the_user', password='secret',
-                        career_role='internal')
+    p = self._makePerson(reference='the_user', password='secret',)
     self._assertUserExists('the_user', 'secret')
     
   def test_PersonLoginCaseSensitive(self):
     """Login/password are case sensitive."""
-    p = self._makePerson(reference='the_user', password='secret',
-                        career_role='internal')
+    p = self._makePerson(reference='the_user', password='secret',)
     self._assertUserDoesNotExists('the_User', 'secret')
   
   def test_PersonLoginNonAscii(self):
     """Login can contain non ascii chars."""
-    p = self._makePerson(reference='j\xc3\xa9', password='secret',
-                        career_role='internal')
+    p = self._makePerson(reference='j\xc3\xa9', password='secret',)
     self._assertUserExists('j\xc3\xa9', 'secret')
 
   def test_PersonWithLoginWithEmptyPasswordAreNotUsers(self):
     """Tests a person with a login but no password is not a valid user."""
-    self._makePerson(reference='the_user', career_role='internal')
+    self._makePerson(reference='the_user')
     self._assertUserDoesNotExists('the_user', None)
-    self._makePerson(reference='another_user', password='',
-                     career_role='internal')
+    self._makePerson(reference='another_user', password='',)
     self._assertUserDoesNotExists('another_user', '')
   
   def test_PersonWithEmptyLoginAreNotUsers(self):
     """Tests a person with a login & password is a valid user."""
-    self._makePerson(reference='', password='secret', career_role='internal')
+    self._makePerson(reference='', password='secret')
     self._assertUserDoesNotExists('', 'secret')
   
+  def test_PersonWithLoginWithNotAssignmentAreNotUsers(self):
+    """Tests a person with a login & password and no assignment open is not a valid user."""
+    self._makePerson(reference='the_user', open_assignment=0)
+    self._assertUserDoesNotExists('the_user', None)
+
   def test_PersonWithSuperUserLoginCannotBeCreated(self):
     """Tests one cannot create person with the "super user" special login."""
     from Products.ERP5Security.ERP5UserManager import SUPER_USER
@@ -221,7 +225,6 @@
     self.username = 'username'
     # create a user and open an assignement
     pers = self.getPersonModule().newContent(portal_type='Person',
-                                             career_role='internal',
                                              reference=self.username,
                                              password=self.username)
     assignment = pers.newContent( portal_type='Assignment',

More information about the Erp5-report mailing list