Commit f5307013 authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_erp5: Allow SHADOW user to access and create Sale Invoices

On the subscription process, we would like the user (as anonymous), be able to pay before Join.
parent 24bffc4c
...@@ -8,7 +8,12 @@ ...@@ -8,7 +8,12 @@
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Auditor</item> <item>Assignor</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignor</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
...@@ -15,4 +15,13 @@ ...@@ -15,4 +15,13 @@
<item>Auditor</item> <item>Auditor</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
...@@ -9,8 +9,9 @@ ...@@ -9,8 +9,9 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
......
<type_roles> <type_roles>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Person Shadow</property>
<multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Shadow User</property> <property id='title'>Shadow User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property> <property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property>
<property id='base_category_script'>PaymentTransactionType_getSecurityCategoryFromUser</property> <property id='base_category_script'>PaymentTransactionType_getSecurityCategoryFromUser</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='base_category'>aggregate</multi_property> <multi_property id='base_category'>aggregate</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
......
...@@ -4,6 +4,12 @@ ...@@ -4,6 +4,12 @@
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Assignee'>
<property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>User</property> <property id='title'>User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property> <property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property>
......
...@@ -928,7 +928,7 @@ class TestAccountingTransactionModule(TestSlapOSGroupRoleSecurityMixin): ...@@ -928,7 +928,7 @@ class TestAccountingTransactionModule(TestSlapOSGroupRoleSecurityMixin):
self.assertSecurityGroup(module, self.assertSecurityGroup(module,
['G-COMPANY', self.user_id, 'R-SHADOW-PERSON', 'R-MEMBER'], True) ['G-COMPANY', self.user_id, 'R-SHADOW-PERSON', 'R-MEMBER'], True)
self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author']) self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(module, 'R-SHADOW-PERSON', ['Assignor'])
self.assertRoles(module, 'R-MEMBER', ['Auditor']) self.assertRoles(module, 'R-MEMBER', ['Auditor'])
self.assertRoles(module, self.user_id, ['Owner']) self.assertRoles(module, self.user_id, ['Owner'])
...@@ -958,7 +958,7 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -958,7 +958,7 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
portal_type='Payment Transaction') portal_type='Payment Transaction')
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False) ['G-COMPANY', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
...@@ -974,7 +974,8 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -974,7 +974,8 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
shadow_user_id = 'SHADOW-%s' % person.getUserId() shadow_user_id = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, person.getUserId(), shadow_user_id], False) ['G-COMPANY', self.user_id, person.getUserId(), shadow_user_id,
'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_user_id, ['Auditor']) self.assertRoles(product, shadow_user_id, ['Auditor'])
self.assertRoles(product, person.getUserId(), ['Auditor']) self.assertRoles(product, person.getUserId(), ['Auditor'])
...@@ -992,7 +993,8 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -992,7 +993,8 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
shadow_user_id = 'SHADOW-%s' % person.getUserId() shadow_user_id = 'SHADOW-%s' % person.getUserId()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, person.getUserId(), shadow_user_id], False) ['G-COMPANY', self.user_id, person.getUserId(),
shadow_user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_user_id, ['Auditor']) self.assertRoles(product, shadow_user_id, ['Auditor'])
self.assertRoles(product, person.getUserId(), ['Auditor']) self.assertRoles(product, person.getUserId(), ['Auditor'])
...@@ -1014,7 +1016,7 @@ class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -1014,7 +1016,7 @@ class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
portal_type='Sale Invoice Transaction') portal_type='Sale Invoice Transaction')
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id], False) ['G-COMPANY', self.user_id, 'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
...@@ -1029,7 +1031,8 @@ class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin): ...@@ -1029,7 +1031,8 @@ class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
) )
product.updateLocalRolesOnSecurityGroups() product.updateLocalRolesOnSecurityGroups()
self.assertSecurityGroup(product, self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, person.getUserId()], False) ['G-COMPANY', self.user_id, person.getUserId(),
'R-SHADOW-PERSON'], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor']) self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, person.getUserId(), ['Auditor']) self.assertRoles(product, person.getUserId(), ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner']) self.assertRoles(product, self.user_id, ['Owner'])
......
...@@ -281,7 +281,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -281,7 +281,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
payment_transaction = self.portal.accounting_module.newContent( payment_transaction = self.portal.accounting_module.newContent(
portal_type='Payment Transaction') portal_type='Payment Transaction')
self.assertSecurityGroup(payment_transaction, [self.user_id, self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY'], 'G-COMPANY', 'R-SHADOW-PERSON'],
False) False)
payment_transaction.edit( payment_transaction.edit(
...@@ -290,7 +290,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -290,7 +290,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.assertSecurityGroup(payment_transaction, [self.user_id, self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getUserId(), 'G-COMPANY', 'SHADOW-%s' % self.person_user.getUserId(),
self.person_user.getUserId()], self.person_user.getUserId(), 'R-SHADOW-PERSON'],
False) False)
def test_PayzenEvent_setDestinationSection(self): def test_PayzenEvent_setDestinationSection(self):
...@@ -339,7 +339,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -339,7 +339,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
sale_invoice_transaction = self.portal.accounting_module.newContent( sale_invoice_transaction = self.portal.accounting_module.newContent(
portal_type='Sale Invoice Transaction') portal_type='Sale Invoice Transaction')
self.assertSecurityGroup(sale_invoice_transaction, [self.user_id, self.assertSecurityGroup(sale_invoice_transaction, [self.user_id,
'G-COMPANY'], 'G-COMPANY', 'R-SHADOW-PERSON'],
False) False)
sale_invoice_transaction.edit( sale_invoice_transaction.edit(
...@@ -347,7 +347,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow( ...@@ -347,7 +347,7 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
self.commit() self.commit()
self.assertSecurityGroup(sale_invoice_transaction, [self.user_id, self.assertSecurityGroup(sale_invoice_transaction, [self.user_id,
'G-COMPANY', self.person_user.getUserId()], 'G-COMPANY', self.person_user.getUserId(), 'R-SHADOW-PERSON'],
False) False)
def test_SupportRequest_setDestinationDecision(self): def test_SupportRequest_setDestinationDecision(self):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment