Commit 18edf533 authored by Jérome Perrin's avatar Jérome Perrin

testGUIwithSecurity: test display of restricted properties

parent eefaa8b3
......@@ -60,7 +60,7 @@ class TestGUISecurity(ERP5TypeTestCase):
def stepCreateTestFoo(self, sequence = None, sequence_list = None, **kw):
foo_module = self.portal.foo_module
foo_module.newContent(portal_type='Foo', id='foo', foo_category='a')
foo_module.newContent(portal_type='Foo', id='foo', foo_category='a', protected_property='Protected Property')
# allow Member to view foo_module in a hard coded way as it is not required to setup complex
# security for this test (by default only 5A roles + Manager can view default modules)
for permission in ('Access contents information', 'View'):
......@@ -147,3 +147,18 @@ class TestGUISecurity(ERP5TypeTestCase):
sequence_list.addSequenceString(sequence_string)
sequence_list.play(self)
def test_read_permission_property(self):
"""
This test checks that property defined with a `read_property` that the
logged in user does not have are not displayed.
"""
self.login() # as manager
self.stepCreateObjects()
self.stepCreateTestFoo()
protected_property_markup = '<input name="field_my_protected_property" value="Protected Property" type="text"'
self.assertIn(protected_property_markup, self.portal.foo_module.foo.Foo_viewSecurity())
self.loginAs() # user without permission to access protected property
self.assertNotIn(protected_property_markup, self.portal.foo_module.foo.Foo_viewSecurity())
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment