Add test for security indexing of sub documents.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16523 20353a03-c40f-0410-a6d1-a30d3c3de9de

Add test for security indexing of sub documents.
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16523 20353a03-c40f-0410-a6d1-a30d3c3de9de
508ab05a · Jérome Perrin · 7074965e · 508ab05a
Commit 508ab05a authored Sep 20, 2007 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 24 additions and 0 deletions

product/ERP5Catalog/tests/testERP5Catalog.py product/ERP5Catalog/tests/testERP5Catalog.py +24 -0

No files found.
--- a/product/ERP5Catalog/tests/testERP5Catalog.py
+++ b/product/ERP5Catalog/tests/testERP5Catalog.py
@@ -1812,6 +1812,30 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
                                         owner='somebody else')])


+  def test_SubDocumentsSecurityIndexing(self):
+    # make sure indexing of security on sub-documents works as expected
+    uf = self.getPortal().acl_users
+    uf._doAddUser('bob', '', ['Member'], [])
+    obj = self._makeOrganisation(title='The Document')
+    obj2 = obj.newContent(portal_type='Bank Account')
+    obj2.manage_addLocalRoles('bob', ['Auditor'])
+    get_transaction().commit()
+    self.tic()
+
+    PortalTestCase.login(self, 'bob')
+    self.assertEquals([obj2], [x.getObject() for x in
+                               obj.searchFolder(portal_type='Bank Account')])
+    # now if we pass the bank account in deleted state, it's no longer returned
+    # by searchFolder.
+    # This will work as long as Bank Account are associated to a workflow that
+    # allow deletion.
+    obj2.delete()
+    get_transaction().commit()
+    self.tic()
+    self.assertEquals([], [x.getObject() for x in
+                           obj.searchFolder(portal_type='Bank Account')])
+
+
 def test_suite():
  suite = unittest.TestSuite()
  suite.addTest(unittest.makeSuite(TestERP5Catalog))