From d4bb4f9956515d50a08ea915b6ee9046fae557b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Calonne?= <aurel@nexedi.com> Date: Wed, 29 Aug 2007 15:10:11 +0000 Subject: [PATCH] do not check if user has internal role but if he has an open assignment add & modify unit test for this git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15915 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5Security/ERP5UserManager.py | 6 +++-- .../ERP5Security/tests/testERP5Security.py | 27 ++++++++++--------- 2 files changed, 19 insertions(+), 14 deletions(-) diff --git a/product/ERP5Security/ERP5UserManager.py b/product/ERP5Security/ERP5UserManager.py index 74c4ff4498..7135156120 100644 --- a/product/ERP5Security/ERP5UserManager.py +++ b/product/ERP5Security/ERP5UserManager.py @@ -99,8 +99,10 @@ class ERP5UserManager(BasePlugin): if sm.getUser().getId() != SUPER_USER: newSecurityManager(self, self.getUser(SUPER_USER)) try: - if pw_validate(user.getPassword(), password) and\ - user.getCareerRole() == 'internal': + # get assignment + assignment_list = [x for x in user.contentValues(portal_type="Assignment") if x.getValidationState() == "open"] + if pw_validate(user.getPassword(), password) and \ + len(assignment_list): #user.getCareerRole() == 'internal': return login, login # use same for user_id and login finally: setSecurityManager(sm) diff --git a/product/ERP5Security/tests/testERP5Security.py b/product/ERP5Security/tests/testERP5Security.py index 73f4047047..60bb487c58 100644 --- a/product/ERP5Security/tests/testERP5Security.py +++ b/product/ERP5Security/tests/testERP5Security.py @@ -95,12 +95,15 @@ class TestUserManagement(ERP5TypeTestCase): self.failUnless(isinstance(self.getUserFolder(), PluggableAuthService.PluggableAuthService)) - def _makePerson(self, **kw): + def _makePerson(self, open_assignment=1, **kw): """Creates a person in person module, and returns the object, after indexing is done. """ person_module = self.getPersonModule() new_person = person_module.newContent( portal_type='Person', **kw) + assignment = new_person.newContent(portal_type = 'Assignment') + if open_assignment: + assignment.open() get_transaction().commit() self.tic() return new_person @@ -139,35 +142,36 @@ class TestUserManagement(ERP5TypeTestCase): def test_PersonWithLoginPasswordAreUsers(self): """Tests a person with a login & password is a valid user.""" - p = self._makePerson(reference='the_user', password='secret', - career_role='internal') + p = self._makePerson(reference='the_user', password='secret',) self._assertUserExists('the_user', 'secret') def test_PersonLoginCaseSensitive(self): """Login/password are case sensitive.""" - p = self._makePerson(reference='the_user', password='secret', - career_role='internal') + p = self._makePerson(reference='the_user', password='secret',) self._assertUserDoesNotExists('the_User', 'secret') def test_PersonLoginNonAscii(self): """Login can contain non ascii chars.""" - p = self._makePerson(reference='j\xc3\xa9', password='secret', - career_role='internal') + p = self._makePerson(reference='j\xc3\xa9', password='secret',) self._assertUserExists('j\xc3\xa9', 'secret') def test_PersonWithLoginWithEmptyPasswordAreNotUsers(self): """Tests a person with a login but no password is not a valid user.""" - self._makePerson(reference='the_user', career_role='internal') + self._makePerson(reference='the_user') self._assertUserDoesNotExists('the_user', None) - self._makePerson(reference='another_user', password='', - career_role='internal') + self._makePerson(reference='another_user', password='',) self._assertUserDoesNotExists('another_user', '') def test_PersonWithEmptyLoginAreNotUsers(self): """Tests a person with a login & password is a valid user.""" - self._makePerson(reference='', password='secret', career_role='internal') + self._makePerson(reference='', password='secret') self._assertUserDoesNotExists('', 'secret') + def test_PersonWithLoginWithNotAssignmentAreNotUsers(self): + """Tests a person with a login & password and no assignment open is not a valid user.""" + self._makePerson(reference='the_user', open_assignment=0) + self._assertUserDoesNotExists('the_user', None) + def test_PersonWithSuperUserLoginCannotBeCreated(self): """Tests one cannot create person with the "super user" special login.""" from Products.ERP5Security.ERP5UserManager import SUPER_USER @@ -221,7 +225,6 @@ class TestLocalRoleManagement(ERP5TypeTestCase): self.username = 'username' # create a user and open an assignement pers = self.getPersonModule().newContent(portal_type='Person', - career_role='internal', reference=self.username, password=self.username) assignment = pers.newContent( portal_type='Assignment', -- 2.30.9