[Erp5-report] r15915 - in /erp5/trunk/products/ERP5Security: ./ tests/
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed Aug 29 17:10:12 CEST 2007
Author: aurel
Date: Wed Aug 29 17:10:11 2007
New Revision: 15915
URL: http://svn.erp5.org?rev=15915&view=rev
Log:
do not check if user has internal role but if he has an open
assignment
add & modify unit test for this
Modified:
erp5/trunk/products/ERP5Security/ERP5UserManager.py
erp5/trunk/products/ERP5Security/tests/testERP5Security.py
Modified: erp5/trunk/products/ERP5Security/ERP5UserManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5UserManager.py?rev=15915&r1=15914&r2=15915&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5UserManager.py (original)
+++ erp5/trunk/products/ERP5Security/ERP5UserManager.py Wed Aug 29 17:10:11 2007
@@ -99,8 +99,10 @@
if sm.getUser().getId() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER))
try:
- if pw_validate(user.getPassword(), password) and\
- user.getCareerRole() == 'internal':
+ # get assignment
+ assignment_list = [x for x in user.contentValues(portal_type="Assignment") if x.getValidationState() == "open"]
+ if pw_validate(user.getPassword(), password) and \
+ len(assignment_list): #user.getCareerRole() == 'internal':
return login, login # use same for user_id and login
finally:
setSecurityManager(sm)
Modified: erp5/trunk/products/ERP5Security/tests/testERP5Security.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/tests/testERP5Security.py?rev=15915&r1=15914&r2=15915&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/tests/testERP5Security.py (original)
+++ erp5/trunk/products/ERP5Security/tests/testERP5Security.py Wed Aug 29 17:10:11 2007
@@ -95,12 +95,15 @@
self.failUnless(isinstance(self.getUserFolder(),
PluggableAuthService.PluggableAuthService))
- def _makePerson(self, **kw):
+ def _makePerson(self, open_assignment=1, **kw):
"""Creates a person in person module, and returns the object, after
indexing is done. """
person_module = self.getPersonModule()
new_person = person_module.newContent(
portal_type='Person', **kw)
+ assignment = new_person.newContent(portal_type = 'Assignment')
+ if open_assignment:
+ assignment.open()
get_transaction().commit()
self.tic()
return new_person
@@ -139,35 +142,36 @@
def test_PersonWithLoginPasswordAreUsers(self):
"""Tests a person with a login & password is a valid user."""
- p = self._makePerson(reference='the_user', password='secret',
- career_role='internal')
+ p = self._makePerson(reference='the_user', password='secret',)
self._assertUserExists('the_user', 'secret')
def test_PersonLoginCaseSensitive(self):
"""Login/password are case sensitive."""
- p = self._makePerson(reference='the_user', password='secret',
- career_role='internal')
+ p = self._makePerson(reference='the_user', password='secret',)
self._assertUserDoesNotExists('the_User', 'secret')
def test_PersonLoginNonAscii(self):
"""Login can contain non ascii chars."""
- p = self._makePerson(reference='j\xc3\xa9', password='secret',
- career_role='internal')
+ p = self._makePerson(reference='j\xc3\xa9', password='secret',)
self._assertUserExists('j\xc3\xa9', 'secret')
def test_PersonWithLoginWithEmptyPasswordAreNotUsers(self):
"""Tests a person with a login but no password is not a valid user."""
- self._makePerson(reference='the_user', career_role='internal')
+ self._makePerson(reference='the_user')
self._assertUserDoesNotExists('the_user', None)
- self._makePerson(reference='another_user', password='',
- career_role='internal')
+ self._makePerson(reference='another_user', password='',)
self._assertUserDoesNotExists('another_user', '')
def test_PersonWithEmptyLoginAreNotUsers(self):
"""Tests a person with a login & password is a valid user."""
- self._makePerson(reference='', password='secret', career_role='internal')
+ self._makePerson(reference='', password='secret')
self._assertUserDoesNotExists('', 'secret')
+ def test_PersonWithLoginWithNotAssignmentAreNotUsers(self):
+ """Tests a person with a login & password and no assignment open is not a valid user."""
+ self._makePerson(reference='the_user', open_assignment=0)
+ self._assertUserDoesNotExists('the_user', None)
+
def test_PersonWithSuperUserLoginCannotBeCreated(self):
"""Tests one cannot create person with the "super user" special login."""
from Products.ERP5Security.ERP5UserManager import SUPER_USER
@@ -221,7 +225,6 @@
self.username = 'username'
# create a user and open an assignement
pers = self.getPersonModule().newContent(portal_type='Person',
- career_role='internal',
reference=self.username,
password=self.username)
assignment = pers.newContent( portal_type='Assignment',
More information about the Erp5-report
mailing list