Commit bcde640d authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

add a test to check if PropertyTypeValidity (that is enabled everywhere) works...

add a test to check if PropertyTypeValidity (that is enabled everywhere) works fine if property is not accessible by user (eg. source_title property in Arrow property sheet is not accessible if source value is not accessible). Currently this test raises Unauthorized error, and will be fixed later.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30373 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent fb1c08e7
No related merge requests found
...@@ -58,6 +58,12 @@ class TestConstraint(PropertySheetTestCase): ...@@ -58,6 +58,12 @@ class TestConstraint(PropertySheetTestCase):
user = uf.getUserById('rc').__of__(uf) user = uf.getUserById('rc').__of__(uf)
newSecurityManager(None, user) newSecurityManager(None, user)
def stepLoginAsAssignee(self, sequence=None, sequence_list=None, **kw):
uf = self.getPortal().acl_users
uf._doAddUser('member', '', ['Member', 'Assignee'], [])
user = uf.getUserById('member').__of__(uf)
newSecurityManager(None, user)
def afterSetUp(self): def afterSetUp(self):
self.login() self.login()
self.portal = self.getPortal() self.portal = self.getPortal()
...@@ -65,6 +71,7 @@ class TestConstraint(PropertySheetTestCase): ...@@ -65,6 +71,7 @@ class TestConstraint(PropertySheetTestCase):
self.createCategories() self.createCategories()
def beforeTearDown(self): def beforeTearDown(self):
self.login()
transaction.abort() transaction.abort()
module = self.portal.organisation_module module = self.portal.organisation_module
module.manage_delObjects(list(module.objectIds())) module.manage_delObjects(list(module.objectIds()))
...@@ -1432,6 +1439,22 @@ class TestConstraint(PropertySheetTestCase): ...@@ -1432,6 +1439,22 @@ class TestConstraint(PropertySheetTestCase):
self.assertEquals('Attribute title does not match', self.assertEquals('Attribute title does not match',
str(message.getTranslatedMessage())) str(message.getTranslatedMessage()))
def test_PropertyTypeValidityWithUnauthorizedCategory(self):
person = self.portal.person_module.newContent(portal_type='Person')
assignment = person.newContent(portal_type='Assignment')
self.assertEquals([], person.checkConsistency())
group3 = self.category_tool.restrictedTraverse(
'group/testGroup3', self.category_tool.group.newContent(
portal_type='Category',
id='testGroup3'))
group3.manage_permission('Access contents information', ['Manager'], 0)
assignment.setSourceValue(group3)
# Manager can access testGroup3
self.assertEquals([], person.checkConsistency())
self.stepLoginAsAssignee()
# Assignee cannot access testGroup3
self.assertEquals([], person.checkConsistency())
def test_suite(): def test_suite():
suite = unittest.TestSuite() suite = unittest.TestSuite()
suite.addTest(unittest.makeSuite(TestConstraint)) suite.addTest(unittest.makeSuite(TestConstraint))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment