slapos_cloud: Test security with assigments to Project and Organisation

Ensure that the user has proper Security once new assignments are created.

slapos_cloud: Test security with assigments to Project and Organisation
Ensure that the user has proper Security once new assignments are created.
cc7de675 · Rafael Monnerat · 1509e9eb · cc7de675
Commit cc7de675 authored Jun 10, 2021 by Rafael Monnerat
Show whitespace changes
Inline Side-by-side

Showing with 36 additions and 0 deletions

master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudSecurityGroup.py ...rtal_components/test.erp5.testSlapOSCloudSecurityGroup.py +36 -0

No files found.
--- a/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudSecurityGroup.py
+++ b/master/bt5/slapos_cloud/TestTemplateItem/portal_components/test.erp5.testSlapOSCloudSecurityGroup.py
@@ -182,6 +182,7 @@ class TestSlapOSSoftwareInstanceSecurity(TestSlapOSSecurityMixin):
    self.test_inactive(login_portal_type="ERP5 Login")
 class TestSlapOSPersonSecurity(TestSlapOSSecurityMixin):
  def test_active(self, login_portal_type="Certificate Login"):    
    reference = self._generateRandomUniqueReference('Person')
    user_id = self._generateRandomUniqueUserId('Person')
@@ -234,6 +235,41 @@ class TestSlapOSPersonSecurity(TestSlapOSSecurityMixin):
    self.assertTrue('Authenticated' in user.getRoles())
    self.assertSameSet(['R-MEMBER', 'G-COMPANY'], user.getGroups())
+    # add to role for project
+    self.login()
+    project = self.portal.project_module.newContent(
+      portal_type="Project"
+    )
+    project.validate()
+    person.newContent(portal_type='Assignment',
+      destination_project_value=project).open()
+    self.tic()
+    self.portal.portal_caches.clearAllCache()
+    self.login(person.getUserId())
+    user = getSecurityManager().getUser()
+    self.assertTrue('Authenticated' in user.getRoles())
+    self.assertSameSet(['R-MEMBER', 'G-COMPANY', project.getReference()], user.getGroups())
+    # add to role for project
+    self.login()
+    organisation = self.portal.organisation_module.newContent(
+      portal_type="Organisation",
+      reference="OTEST-%s" % person.getUserId()
+    )
+    organisation.validate()
+    person.newContent(portal_type='Assignment',
+      destination_value=organisation).open()
+    self.tic()
+    self.portal.portal_caches.clearAllCache()
+    self.login(person.getUserId())
+    user = getSecurityManager().getUser()
+    self.assertTrue('Authenticated' in user.getRoles())
+    self.assertSameSet(['R-MEMBER', 'G-COMPANY', organisation.getReference(),
+      project.getReference()], user.getGroups())
  def test_inactive(self, login_portal_type="Certificate Login"):
    reference = self._generateRandomUniqueReference('Person')
    user_id = self._generateRandomUniqueReference('Person')