Commit e8eae8a8 authored by Jérome Perrin's avatar Jérome Perrin

in getViewPermissionOwner, check that the owner can view the document, not that

the Owner role has the view permission.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15739 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent bdf92857
......@@ -73,6 +73,8 @@ class TestBase(ERP5TypeTestCase):
not_related_to_temp_object_property_id = "string_index"
not_related_to_temp_object_property_value = "a_great_index"
username = 'rc'
def getTitle(self):
return "Base"
......@@ -83,8 +85,8 @@ class TestBase(ERP5TypeTestCase):
def login(self):
uf = self.getPortal().acl_users
uf._doAddUser('rc', '', ['Manager'], [])
user = uf.getUserById('rc').__of__(uf)
uf._doAddUser(self.username, '', ['Manager'], [])
user = uf.getUserById(self.username).__of__(uf)
newSecurityManager(None, user)
def afterSetUp(self):
......@@ -961,6 +963,26 @@ class TestBase(ERP5TypeTestCase):
props['chain_%s' % id] = ','.join(wf_ids)
pw.manage_changeWorkflows('', props = props)
def test_getViewPermissionOwnerDefault(self):
"""Test getViewPermissionOwner method behaviour"""
portal = self.getPortal()
obj = portal.organisation_module.newContent(portal_type='Organisation')
self.assertEquals(self.username, obj.getViewPermissionOwner())
def test_getViewPermissionOwnerNoOwnerLocalRole(self):
# the actual owner doesn't have Owner local role
portal = self.getPortal()
obj = portal.organisation_module.newContent(portal_type='Organisation')
obj.manage_delLocalRoles(self.username)
self.assertEquals(self.username, obj.getViewPermissionOwner())
def test_getViewPermissionOwnerNoViewPermission(self):
# the owner cannot view the object
portal = self.getPortal()
obj = portal.organisation_module.newContent(portal_type='Organisation')
obj.manage_permission('View', [], 0)
self.assertEquals(None, obj.getViewPermissionOwner())
class TestERP5PropertyManager(unittest.TestCase):
"""Tests for ERP5PropertyManager.
......
......@@ -68,6 +68,7 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
# Different variables used for this test
run_all_test = 1
quiet = 0
username = 'seb'
def afterSetUp(self):
self.login()
......@@ -85,8 +86,8 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
def login(self):
uf = self.getPortal().acl_users
uf._doAddUser('seb', '', ['Manager'], [])
user = uf.getUserById('seb').__of__(uf)
uf._doAddUser(self.username, '', ['Manager'], [])
user = uf.getUserById(self.username).__of__(uf)
newSecurityManager(None, user)
def getSQLPathList(self,connection_id=None):
......@@ -1802,6 +1803,23 @@ class TestERP5Catalog(ERP5TypeTestCase, LogInterceptor):
sql_src = self.getCatalogTool()(src__=1,**catalog_kw)
self.failUnless('TRUNCATE(catalog.uid,2) = 2567.54' in sql_src)
def test_SearchOnOwner(self):
# owner= can be used a search key in the catalog to have all documents for
# a specific owner and on which he have the View permission.
obj = self._makeOrganisation(title='The Document')
obj2 = self._makeOrganisation(title='The Document')
obj2.manage_permission('View', [], 0)
obj2.reindexObject()
get_transaction().commit()
self.tic()
ctool = self.getCatalogTool()
self.assertEquals([obj], [x.getObject() for x in
ctool(title='The Document',
owner=self.username)])
self.assertEquals([], [x.getObject() for x in
ctool(title='The Document',
owner='somebody else')])
if __name__ == '__main__':
framework()
else:
......
......@@ -1432,13 +1432,12 @@ class Base( CopyContainer,
security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' )
def getViewPermissionOwner(self):
"""
Returns the user ID of the owner if Owner role
has View permission. Returns None else.
Returns the user ID of the owner if this user has View permission,
otherwise returns None.
"""
path, user_id = self.getOwnerTuple()
if 'Owner' in rolesForPermissionOn(Permissions.View, self):
path, user_id = self.getOwnerTuple()
return user_id
owner = self.getWrappedOwner()
if owner is not None and owner.has_permission(Permissions.View, self):
return str(owner)
return None
# Private accessors for the implementation of relations based on
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment