[Erp5-report] r19165 - /erp5/trunk/products/ERP5Type/tests/testERP5Type.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Fri Feb 8 11:53:04 CET 2008
Author: vincent
Date: Fri Feb 8 11:53:02 2008
New Revision: 19165
URL: http://svn.erp5.org?rev=19165&view=rev
Log:
Add an unit test to check that it is possible in an afterClone script to modify a document when "Modify portal content" was not allowed on the original copy.
Modified:
erp5/trunk/products/ERP5Type/tests/testERP5Type.py
Modified: erp5/trunk/products/ERP5Type/tests/testERP5Type.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/tests/testERP5Type.py?rev=19165&r1=19164&r2=19165&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/tests/testERP5Type.py (original)
+++ erp5/trunk/products/ERP5Type/tests/testERP5Type.py Fri Feb 8 11:53:02 2008
@@ -39,6 +39,9 @@
from Products.ERP5Type.tests.utils import installRealClassTool
from Products.ERP5Type.Utils import removeLocalPropertySheet
from AccessControl.SecurityManagement import newSecurityManager
+from AccessControl import getSecurityManager
+from Products.ERP5Type.tests.utils import createZODBPythonScript
+from Products.ERP5Type.tests.utils import removeZODBPythonScript
class PropertySheetTestCase(ERP5TypeTestCase):
"""Base test case class for property sheets tests.
@@ -1256,7 +1259,6 @@
"""
if not run: return
- from AccessControl import getSecurityManager
portal = self.getPortal()
# turn on Person.acquire_local_roles
@@ -1941,6 +1943,29 @@
self.assertNotEquals(object.getCreationDate(), portal.CreationDate())
self.assertNotEquals(object.getCreationDate(), folder.getCreationDate())
+ def test_copyWithoutModificationRight(self, quiet=quiet, run=run_all_test):
+ """
+ Check that it is possible to copy an object on which user doesn't have
+ "Modify portal content" permission.
+ """
+ if not run: return
+ portal = self.getPortalObject()
+ folder = self.getOrganisationModule()
+ object = folder.newContent(portal_type='Organisation')
+ script_container = portal.portal_skins.custom
+ script_id = '%s_afterClone' % (object.getPortalType().replace(' ', ''), )
+ createZODBPythonScript(script_container, script_id, '', 'context.setTitle("couscous")')
+ try:
+ security_manager = getSecurityManager()
+ self.assertEquals(1, security_manager.checkPermission('Access contents information', object))
+ self.assertEquals(1, security_manager.checkPermission('Modify portal content', object))
+ object.manage_permission('Modify portal content')
+ clipboard = folder.manage_copyObjects(ids=[object.id])
+ # Test fails if this method raises.
+ folder.manage_pasteObjects(clipboard)
+ finally:
+ removeZODBPythonScript(script_container, script_id)
+
def test_suite():
suite = unittest.TestSuite()
suite.addTest(unittest.makeSuite(TestERP5Type))
More information about the Erp5-report
mailing list