tests and fixes bug #149: local roles not correctly indexed/retrieved

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12666 20353a03-c40f-0410-a6d1-a30d3c3de9de

tests and fixes bug #149: local roles not correctly indexed/retrieved
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12666 20353a03-c40f-0410-a6d1-a30d3c3de9de
f03865a2 · Alexandre Boeglin · 5434fe6b · f03865a2 · f03865a2 · f03865a2
Commit f03865a2 authored Feb 13, 2007 by Alexandre Boeglin
3 changed files
--- a/product/ERP5Type/ZopePatch.py
+++ b/product/ERP5Type/ZopePatch.py
@@ -47,6 +47,7 @@ from Products.ERP5Type.patches import CMFCoreSkinnable
 from Products.ERP5Type.patches import CMFCoreSkinsTool
 from Products.ERP5Type.patches import OFSFolder
 from Products.ERP5Type.patches import HTTPRequest
+from Products.ERP5Type.patches import RoleManager
 # These symbols are required for backward compatibility
 from Products.ERP5Type.patches.PropertyManager import ERP5PropertyManager

--- a/product/ERP5Type/patches/RoleManager.py
+++ b/product/ERP5Type/patches/RoleManager.py
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# Copyright (c) 2002,2005 Nexedi SARL and Contributors. All Rights Reserved.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+# monkeypatch to have role mathods call reindex
+# make sure NuxUserGroups monkeypatches RoleManager first
+try:
+  import NuxUserGroups
+except ImportError:
+  pass
+from AccessControl.Role import RoleManager
+# Security and catalog reindexing triggers
+def manage_addLocalRoles(self, userid, roles, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_addLocalRoles(self, userid, roles, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+def manage_setLocalRoles(self, userid, roles, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_setLocalRoles(self, userid, roles, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+def manage_delLocalRoles(self, userid, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_delLocalRoles(self, userid, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+def manage_addLocalGroupRoles(self, groupid, roles, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_addLocalGroupRoles(self, groupid, roles, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+def manage_setLocalGroupRoles(self, groupid, roles, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_setLocalGroupRoles(self, groupid, roles, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+def manage_delLocalGroupRoles(self, groupids, REQUEST=None):
+  "reindex after role update"
+  RoleManager.old_manage_delLocalGroupRoles(self, groupids, REQUEST=REQUEST)
+  reindex_method = getattr(self, 'recursiveReindexObject', None)
+  if reindex_method is not None: reindex_method()
+RoleManager.old_manage_addLocalRoles = RoleManager.manage_addLocalRoles
+RoleManager.manage_addLocalRoles = manage_addLocalRoles
+RoleManager.old_manage_setLocalRoles = RoleManager.manage_setLocalRoles
+RoleManager.manage_setLocalRoles = manage_setLocalRoles
+RoleManager.old_manage_delLocalRoles = RoleManager.manage_delLocalRoles
+RoleManager.manage_delLocalRoles = manage_delLocalRoles
+if getattr(RoleManager, 'manage_addLocalGroupRoles', None) is not None:
+  RoleManager.old_manage_addLocalGroupRoles = RoleManager.manage_addLocalGroupRoles
+  RoleManager.manage_addLocalGroupRoles = manage_addLocalGroupRoles
+  RoleManager.old_manage_setLocalGroupRoles = RoleManager.manage_setLocalGroupRoles
+  RoleManager.manage_setLocalGroupRoles = manage_setLocalGroupRoles
+  RoleManager.old_manage_delLocalGroupRoles = RoleManager.manage_delLocalGroupRoles
+  RoleManager.manage_delLocalGroupRoles = manage_delLocalGroupRoles
--- a/product/ERP5Type/tests/testERP5Type.py
+++ b/product/ERP5Type/tests/testERP5Type.py
@@ -801,6 +801,7 @@ class TestPropertySheet:
      """Tests that the default value is returned correctly when a default
      value is defined using the property sheet.
      """
+      if not run: return
      self._addProperty('Person', '''{'id': 'dummy_ps_prop',
                                      'type': 'string',
                                      'mode': 'w',
@@ -830,6 +831,7 @@ class TestPropertySheet:
    def test_16_SimpleStringAccessor(self,quiet=quiet, run=run_all_test):
      """Tests a simple string accessor.
      This is also a way to test _addProperty method """
+      if not run: return
      self._addProperty('Person', '''{'id': 'dummy_ps_prop',
                                      'type': 'string',
                                      'mode': 'w',}''')
@@ -846,6 +848,7 @@ class TestPropertySheet:
      the Person portal type and that this workflow has 'validation_state' as
      state_variable.
      """
+      if not run: return
      person = self.getPersonModule().newContent(id='1', portal_type='Person')
      wf = self.getWorkflowTool().validation_workflow
      # those are assumptions for this test.
@@ -909,6 +912,7 @@ class TestPropertySheet:
    def test_18_SimpleContentAccessor(self,quiet=quiet, run=run_all_test):
      """Tests a simple content accessor.
      """
+      if not run: return
      # For testing purposes, we add a default_organisation inside a person, 
      # and we add code to generate a 'default_organisation_title' property on
      # this person that will returns the organisation title.
@@ -969,6 +973,7 @@ class TestPropertySheet:
    def test_19_AcquiredContentAccessor(self,quiet=quiet, run=run_all_test):
      """Tests an acquired content accessor.
      """
+      if not run: return
      # For testing purposes, we add a default_organisation inside a person, 
      # and we add code to generate a 'default_organisation_title' property on
      # this person that will returns the organisation title. If this is not
@@ -1005,6 +1010,7 @@ class TestPropertySheet:
      that may have the same id, using same scenario as test_19
      Note that we only test Setter for now.
      """
+      if not run: return
      self._addProperty('Person', self.DEFAULT_ORGANISATION_TITLE_ACQUIRED_PROP)
      # add destination base category to Person TI
      person_ti = self.getTypesTool().getTypeInfo('Person')
@@ -1034,6 +1040,7 @@ class TestPropertySheet:
      """asContext method return a temporary copy of an object.
      Any modification made to the copy does not change the original object.
      """
+      if not run: return
      obj = self.getPersonModule().newContent(portal_type='Person')
      obj.setTitle('obj title')
      copy = obj.asContext()
@@ -1056,6 +1063,7 @@ class TestPropertySheet:
    def test_21_ActionCondition(self, quiet=quiet, run=run_all_test):
      """Tests action conditions
      """
+      if not run: return
      type_tool = self.getTypeTool()
      portal_type_object = type_tool['Organisation']
      def addCustomAction(name,condition):
@@ -1087,6 +1095,28 @@ class TestPropertySheet:
      action_id_list = [x['id'] for x in actions.get('object_action',[])]
      self.failUnless('action3' in action_id_list)
+    def test_22_securityReindex(self, quiet=quiet, run=run_all_test):
+      """
+      Tests that the security is reindexed when a role is changed on an object
+      """
+      if not run: return
+      from AccessControl import getSecurityManager
+      user = getSecurityManager().getUser()
+      portal = self.getPortal()
+      person_module = self.getPersonModule()
+      person = person_module.newContent(portal_type='Person', title='foo')
+      person.manage_permission('View', roles=['Auditor'], acquire=0)
+      get_transaction().commit() ; self.tic()
+      self.assertTrue('Auditor' not in user.getRolesInContext(person))
+      self.assertEquals(len(person_module.searchFolder()), 0)
+      person_module.manage_addLocalRoles(user.getId(), ['Auditor'])
+      get_transaction().commit() ; self.tic()
+      self.assertTrue('Auditor' in user.getRolesInContext(person))
+      self.assertEquals(len(person_module.searchFolder()), 1)
 if __name__ == '__main__':
  framework()
 else: