diff --git a/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml b/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml index 3602260c0aaab602e307374daedaa1e781c46b03..1735ee6de5d10fb7d9bdb94023a4b24f6327fcf7 100644 --- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml +++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml @@ -4,11 +4,23 @@ <item>Auditor</item> <item>Author</item> </role> + <role id='R-MEMBER'> + <item>Auditor</item> + </role> + <role id='R-SHADOW-PERSON'> + <item>Auditor</item> + </role> </local_roles> <local_role_group_ids> <local_role_group_id id='group'> <principal id='G-COMPANY'>Auditor</principal> <principal id='G-COMPANY'>Author</principal> </local_role_group_id> + <local_role_group_id id='shadow'> + <principal id='R-SHADOW-PERSON'>Auditor</principal> + </local_role_group_id> + <local_role_group_id id='user'> + <principal id='R-MEMBER'>Auditor</principal> + </local_role_group_id> </local_role_group_ids> </local_roles_item> \ No newline at end of file diff --git a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml index 36f53db0dc1c96d1ea07c05c494b401dd4a0b7fe..59eacd199e2ac1745a561ad41b5db989fc591182 100644 --- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml +++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml @@ -5,4 +5,16 @@ <multi_property id='category'>group/company</multi_property> <multi_property id='base_category'>group</multi_property> </role> + <role id='Auditor'> + <property id='title'>Member</property> + <multi_property id='categories'>local_role_group/user</multi_property> + <multi_property id='category'>role/member</multi_property> + <multi_property id='base_category'>role</multi_property> + </role> + <role id='Auditor'> + <property id='title'>Person Shadow</property> + <multi_property id='categories'>local_role_group/shadow</multi_property> + <multi_property id='category'>role/shadow/person</multi_property> + <multi_property id='base_category'>role</multi_property> + </role> </type_roles> \ No newline at end of file diff --git a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml index 3d25ac4e704193eb168aa4a76ce33c4664341b50..11c80ec7faff3a060bcb66b7e90b64946fe73c6e 100644 --- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml +++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml @@ -1,4 +1,11 @@ <type_roles> + <role id='Auditor'> + <property id='title'>Customer</property> + <property id='description'>Monovalued role</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> + <multi_property id='categories'>local_role_group/user</multi_property> + <multi_property id='base_category'>destination_section</multi_property> + </role> <role id='Assignor'> <property id='title'>Group company</property> <multi_property id='categories'>local_role_group/group</multi_property> diff --git a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py index 9bc23c77c0e72823c65ebfca06e04ed5d5ce0429..c0452b1b0d0c834f21f3daa308a497aca65c8e12 100644 --- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py +++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py @@ -2316,20 +2316,35 @@ class TestCloudContractModule(TestSlapOSGroupRoleSecurityMixin): module = self.portal.cloud_contract_module self.changeOwnership(module) self.assertSecurityGroup(module, - [self.user_id, 'G-COMPANY'], False) + [self.user_id, 'G-COMPANY', 'R-MEMBER', 'R-SHADOW-PERSON'], False) self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor']) self.assertRoles(module, self.user_id, ['Owner']) class TestCloudContract(TestSlapOSGroupRoleSecurityMixin): def test_GroupCompany(self): - text = self.portal.cloud_contract_module.newContent( + contract = self.portal.cloud_contract_module.newContent( portal_type='Cloud Contract') - self.assertSecurityGroup(text, + self.assertSecurityGroup(contract, ['G-COMPANY', self.user_id], False) - self.assertRoles(text, 'G-COMPANY', ['Assignor']) - self.assertRoles(text, self.user_id, ['Owner']) + self.assertRoles(contract, 'G-COMPANY', ['Assignor']) + self.assertRoles(contract, self.user_id, ['Owner']) + + def test_Customer(self): + reference = 'TESTPERSON-%s' % self.generateNewId() + person = self.portal.person_module.newContent(portal_type='Person', + reference=reference) + contract = self.portal.cloud_contract_module.newContent( + portal_type='Cloud Contract', + destination_section_value=person, + ) + contract.updateLocalRolesOnSecurityGroups() + self.assertSecurityGroup(contract, + ['G-COMPANY', person.getUserId(), self.user_id], False) + self.assertRoles(contract, 'G-COMPANY', ['Assignor']) + self.assertRoles(contract, person.getUserId(), ['Auditor']) + self.assertRoles(contract, self.user_id, ['Owner']) class TestUpgradeDecisionModule(TestSlapOSGroupRoleSecurityMixin): def test(self):