ZODB Components: Fix bootstrap of migrated bt5s.

* Upon bt5 installation, install portal_type* items before bt5 {Document,
  Extensions...} as corresponding Portal Type are required once they have been
  migrated to ZODB Components.

* Likewise portal_{property_sheets, types}, portal_components must be created
  automatically *before* installing any bt5. This is required when Products
  will be migrated but also for bt5 items before bootstrapping erp5_core bt5.

* Set Permissions in ComponentTool instanciation and revoke all permissions,
  then allow only some of them for security sake.

* When creating ERP5 site with unit tests, add ERP5TypeTestCase to Developer
  Role ASAP so that there is no Permission issue when installing bootstrap bt5
  and test bt5s containing ZODB Components.

product/ERP5/Document/BusinessTemplate.py

@@ -4798,6 +4798,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
     # This is a global variable
     # Order is important for installation
     # We want to have:
+    #  * workflow and portal_type* before ZODB Component {Document,Extension...}
     #  * path after module, because path can be module content
     #  * path after categories, because path can be categories content
     #  * path after portal types roles so that roles in the current bt can be used
@@ -4809,6 +4810,12 @@ Business Template is a set of definitions, such as skins, portal types and categ
     _item_name_list = [
       '_registered_version_priority_selection_item',
       '_workflow_item',
+      '_portal_type_item',
+      #'_portal_type_workflow_chain_item',
+      '_portal_type_allowed_content_type_item',
+      '_portal_type_hidden_content_type_item',
+      '_portal_type_property_sheet_item',
+      '_portal_type_base_category_item',
       '_product_item',
       '_document_item',
       '_property_sheet_item',
@@ -4819,12 +4826,6 @@ Business Template is a set of definitions, such as skins, portal types and categ
       '_tool_item',
       '_message_translation_item',
       '_site_property_item',
-      '_portal_type_item',
-      #'_portal_type_workflow_chain_item',
-      '_portal_type_allowed_content_type_item',
-      '_portal_type_hidden_content_type_item',
-      '_portal_type_property_sheet_item',
-      '_portal_type_base_category_item',
       '_category_item',
       '_module_item',
       '_portal_type_roles_item',

product/ERP5/bootstrap/erp5_core/bt/change_log

+2013-06-25 arnaud.fontaine
+* ZODB Components: Fix bootstrap of migrated bt5s.
+
 2013-06-24 arnaud.fontaine
 * Meaningless to remove ZODB Components migrated from FS. This will not work when there are several nodes anyway, so just display a message to the user.
 

product/ERP5/bootstrap/erp5_core/bt/revision

-41110
\ No newline at end of file
+41111
\ No newline at end of file

product/ERP5/bootstrap/erp5_core/bt/template_tool_id_list

 mimetypes_registry
-portal_components
 portal_contribution_registry
 portal_notifications
 portal_sessions

product/ERP5/tests/testBusinessTemplate.py

@@ -41,7 +41,6 @@ from Products.CMFCore.Expression import Expression
 from Products.ERP5Type.tests.utils import LogInterceptor
 from Products.ERP5Type.Workflow import addWorkflowByType
 from Products.ERP5Type.tests.backportUnittest import expectedFailure, skip
-from Products.ERP5Type.tests.testDynamicClassGeneration import TestDeveloperMixin
 from Products.ERP5VCS.WorkingCopy import getVcsTool
 import shutil
 import os
@@ -58,7 +57,7 @@ from Products.PortalTransforms.Transform import Transform
 Transform_tr_init = Transform._tr_init
 Transform_manage_beforeDelete = Transform.manage_beforeDelete
 
-class BusinessTemplateMixin(TestDeveloperMixin, ERP5TypeTestCase, LogInterceptor):
+class BusinessTemplateMixin(ERP5TypeTestCase, LogInterceptor):
   def getBusinessTemplateList(self):
     return ('erp5_base',
             'erp5_csv_style',

product/ERP5Type/Tool/ComponentTool.py

@@ -35,6 +35,7 @@ import sys
 
 from AccessControl import ClassSecurityInfo
 from Products.ERP5Type import Permissions
+from AccessControl.Permission import Permission
 from Products.ERP5Type.Tool.BaseTool import BaseTool
 from Products.ERP5Type.Base import Base
 from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
@@ -61,6 +62,51 @@ class ComponentTool(BaseTool):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
+  def __init__(self, *args, **kwargs):
+    """
+    Except 'Access *', 'View*' and 'WebDAV' permissions (Acquired) and 'Reset
+    dynamic classes' (Manager, required to reset Components), everything
+    requires Developer Role.
+
+    Another solution would be to load it from XML as it was previously done,
+    but from a security point of view, it's better to forbid everything and
+    allows only some.
+
+    XXX-arnau: Really all 'Access *' and 'View*'? nothing else?
+    """
+    obj = BaseTool.__init__(self, *args, **kwargs)
+    for permission_tuple in self.ac_inherited_permissions(1):
+      name = permission_tuple[0]
+      value = permission_tuple[1]
+      if name == 'Reset dynamic classes':
+        p = Permission(name, value, self)
+        p.setRoles(('Manager',))
+      elif not (name.startswith('Access ') or
+                name.startswith('View') or
+                name.startswith('WebDAV')):
+        p = Permission(name, value, self)
+        p.setRoles(('Developer',))
+
+    return obj
+
+  def _isBootstrapRequired(self):
+    """
+    Required by synchronizeDynamicModules() to bootstrap an empty site and
+    thus create portal_components
+
+    XXX-arnau: Only bt5 items for now
+    """
+    return False
+
+  def _bootstrap(self):
+    """
+    Required by synchronizeDynamicModules() to bootstrap an empty site and
+    thus create portal_components
+
+    XXX-arnau: Only bt5 items for now
+    """
+    pass
+
   security.declareProtected(Permissions.ResetDynamicClasses, 'reset')
   def reset(self,
             force=False,

product/ERP5Type/dynamic/portal_type_class.py

@@ -332,8 +332,9 @@ def synchronizeDynamicModules(context, force=False):
       migrate = False
       from Products.ERP5Type.Tool.PropertySheetTool import PropertySheetTool
       from Products.ERP5Type.Tool.TypesTool import TypesTool
+      from Products.ERP5Type.Tool.ComponentTool import ComponentTool
       try:
-        for tool_class in TypesTool, PropertySheetTool:
+        for tool_class in TypesTool, PropertySheetTool, ComponentTool:
           # if the instance has no property sheet tool, or incomplete
           # property sheets, we need to import some data to bootstrap
           # (only likely to happen on the first run ever)

product/ERP5Type/tests/ERP5TypeTestCase.py

@@ -218,6 +218,21 @@ def _parse_args(self, *args, **kw):
 _parse_args._original = DateTime._original_parse_args
 DateTime._parse_args = _parse_args
 
+def addUserToDeveloperRole(user_name):
+  config = getConfiguration()
+  product_config = getattr(config, 'product_config', None)
+  if product_config is None:
+    product_config = config.product_config = {}
+
+  if product_config.get('erp5') is None:
+    class DummyDeveloperConfig(object):
+      pass
+    dummy_developer_config = DummyDeveloperConfig()
+    dummy_developer_config.developer_list = [user_name]
+    product_config['erp5'] = dummy_developer_config
+  elif user_name not in product_config['erp5'].developer_list:
+    product_config['erp5'].developer_list.append(user_name)
+
 class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase):
     """Mixin class for ERP5 based tests.
     """
@@ -998,6 +1013,11 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
                           'Assignor', 'Author', 'Auditor', 'Associate'], [])
             user = uf.getUserById('ERP5TypeTestCase').__of__(uf)
             newSecurityManager(None, user)
+
+            # bt5s contain ZODB Components which can be only installed if the
+            # user has Developer Role
+            addUserToDeveloperRole('ERP5TypeTestCase')
+
             # Add ERP5 Site
             reindex = 1
             if hot_reindexing:

product/ERP5Type/tests/testDynamicClassGeneration.py

@@ -1244,31 +1244,7 @@ from Products.ERP5Type.mixin.component import ComponentMixin
 from Products.ERP5Type.tests.SecurityTestCase import SecurityTestCase
 from App.config import getConfiguration
 
-class TestDeveloperMixin:
-
-  def login(self, user_name='ERP5TypeTestCase', quiet=0):
-    """
-    Make sure that the test user has Developer Role, otherwise the user cannot
-    do anything on Components...
-    """
-    config = getConfiguration()
-    product_config = getattr(config, 'product_config', None)
-    if product_config is None:
-      product_config = config.product_config = {}
-
-    if product_config.get('erp5') is None:
-      class DummyDeveloperConfig(object):
-        pass
-      dummy_developer_config = DummyDeveloperConfig()
-      dummy_developer_config.developer_list = [user_name]
-      product_config['erp5'] = dummy_developer_config
-
-    elif user_name not in product_config['erp5'].developer_list:
-      product_config['erp5'].developer_list.append(user_name)
-
-    return ERP5TypeTestCase.login(self, user_name, quiet)
-
-class _TestZodbComponent(TestDeveloperMixin, SecurityTestCase):
+class _TestZodbComponent(SecurityTestCase):
   """
   Abstract class which defined convenient methods used by any Component Test
   and tests ran for all Component Test classes