Skip to content

S
slapos.core
Commit 06534a56 authored by Romain Courteaud's avatar Romain Courteaud
Browse files
Options

Give read access on Payment Transaction to user.

parent 246e3724
Hide whitespace changes
Inline Side-by-side
Showing with 29 additions and 3 deletions
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Payment%20Transaction.xml
View file @ 06534a56
......@@ -10,4 +10,10 @@
<property id='base_category_script'>PaymentTransactionType_getSecurityCategoryFromUser</property>
<multi_property id='base_category'>aggregate</multi_property>
</role>
<role id='Auditor'>
<property id='title'>User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
</type_roles>
\ No newline at end of file
master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5GroupRoleSecurity.py
View file @ 06534a56
......@@ -881,9 +881,28 @@ class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
product.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, shadow_reference], False)
['G-COMPANY', self.user_id, reference, shadow_reference], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_reference, ['Auditor'])
self.assertRoles(product, reference, ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
def test_User(self):
reference = 'TESTPERSON-%s' % self.generateNewId()
person = self.portal.person_module.newContent(portal_type='Person',
reference=reference)
product = self.portal.accounting_module.newContent(
portal_type='Payment Transaction')
product.edit(
destination_section_value=person,
)
product.updateLocalRolesOnSecurityGroups()
shadow_reference = 'SHADOW-%s' % reference
self.assertSecurityGroup(product,
['G-COMPANY', self.user_id, reference, shadow_reference], False)
self.assertRoles(product, 'G-COMPANY', ['Assignor'])
self.assertRoles(product, shadow_reference, ['Auditor'])
self.assertRoles(product, reference, ['Auditor'])
self.assertRoles(product, self.user_id, ['Owner'])
class TestPurchaseInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
......
master/bt5/slapos_erp5/TestTemplateItem/testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
View file @ 06534a56
......@@ -276,7 +276,8 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
transaction.commit()
self.assertSecurityGroup(payment_transaction, [self.user_id,
'G-COMPANY', 'SHADOW-%s' % self.person_user.getReference()],
'G-COMPANY', 'SHADOW-%s' % self.person_user.getReference(),
self.person_user.getReference()],
False)
def test_PayzenEvent_setDestinationSection(self):
......
master/bt5/slapos_erp5/bt/revision
View file @ 06534a56
153
\ No newline at end of file
154
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7