slapos_erp5: fix Business Process local roles

Accounting people can view the business process

slapos_erp5: fix Business Process local roles
Accounting people can view the business process
6f678c50 · Romain Courteaud · 4b30e9a8 · 6f678c50 · 6f678c50 · 6f678c50
Commit 6f678c50 authored Nov 02, 2023 by Romain Courteaud
5 changed files
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='function'>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
    <principal id='F-SALE*'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module/slapos_ultimate_business_process.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module/slapos_ultimate_business_process.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='function'>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
    <principal id='F-SALE*'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process%20Module.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Sale</property>
   <multi_property id='categories'>local_role_group/function</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Sale</property>
   <multi_property id='categories'>local_role_group/function</multi_property>

--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py
@@ -1620,3 +1620,25 @@ class TestOrganisation(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])

+
+class TestBusinessProcessModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_BusinessProcessModule(self):
+    module = self.portal.business_process_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*',
+         module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+
+
+class TestBusinessProcess(TestSlapOSGroupRoleSecurityMixin):
+  def test_BusinessProcess_default(self):
+    delivery = self.portal.business_process_module.newContent(
+        portal_type='Business Process')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+