Enable the patch on PropertiedUser to block local roles acquisition.

Add corresponding testing. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10626 20353a03-c40f-0410-a6d1-a30d3c3de9de

Enable the patch on PropertiedUser to block local roles acquisition.
Add corresponding testing. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10626 20353a03-c40f-0410-a6d1-a30d3c3de9de
34cb2c7b · Jérome Perrin · 6154a34c · 34cb2c7b · 34cb2c7b
Commit 34cb2c7b authored Oct 09, 2006 by Jérome Perrin
Showing with 32 additions and 2 deletions

product/ERP5Security/tests/testERP5Security.py product/ERP5Security/tests/testERP5Security.py +29 -1

product/ERP5Type/patches/PropertiedUser.py product/ERP5Type/patches/PropertiedUser.py +3 -1

No files found.
--- a/product/ERP5Security/tests/testERP5Security.py
+++ b/product/ERP5Security/tests/testERP5Security.py
@@ -263,6 +263,9 @@ class TestLocalRoleManagement(ERP5TypeTestCase):
  def _getTypeInfo(self):
    return self.getTypesTool()['Organisation']
+  def _getModuleTypeInfo(self):
+    return self.getTypesTool()['Organisation Module']
  def _makeOne(self):
    return self.getOrganisationModule().newContent(portal_type='Organisation')
@@ -318,7 +321,32 @@ class TestLocalRoleManagement(ERP5TypeTestCase):
            getSecurityManager().getUser().getRolesInContext(obj))
  def testAcquireLocalRoles(self):
-    return NotImplemented # TODO
+    """Tests that document does not acquire loal roles from their parents if
+    "acquire local roles" is not checked."""
+    ti = self._getTypeInfo()
+    ti.acquire_local_roles = False
+    module_ti = self._getModuleTypeInfo()
+    module_ti.addRole(id='Assignor', description='desc.',
+           name='an Assignor role for testing',
+           condition='',
+           category=self.defined_category,
+           base_category_script='ERP5Type_getSecurityCategoryFromAssignment',
+           base_category='')
+    obj = self._makeOne()
+    module = obj.getParentValue()
+    module.updateLocalRolesOnSecurityGroups()
+    # we said the we do not want acquire local roles.
+    self.failIf(obj._getAcquireLocalRoles())
+    # the local role is set on the module
+    self.assertEquals(['Assignor'], module.__ac_local_roles__.get('F1_G1_S1'))
+    # but not on the document
+    self.assertEquals(None, obj.__ac_local_roles__.get('F1_G1_S1'))
+    # same testing with roles in context.
+    self.loginAsUser(self.username)
+    self.failUnless('Assignor' in
+            getSecurityManager().getUser().getRolesInContext(module))
+    self.failIf('Assignor' in
+            getSecurityManager().getUser().getRolesInContext(obj))
 if __name__ == '__main__':
  framework()

--- a/product/ERP5Type/patches/PropertiedUser.py
+++ b/product/ERP5Type/patches/PropertiedUser.py
@@ -19,7 +19,9 @@
 from Acquisition import aq_inner, aq_parent
 try:
-  from PluggableAuthService.PropertiedUser import PropertiedUser
+  from Products.PluggableAuthService.PropertiedUser import PropertiedUser
+  from Products.PluggableAuthService.PropertiedUser import\
+                                              _what_not_even_god_should_do
 except ImportError:
  PropertiedUser = None