diff --git a/master/bt5/slapos_erp5/LocalRolesTemplateItem/computer_model_module.xml b/master/bt5/slapos_erp5/LocalRolesTemplateItem/computer_model_module.xml index 944a11eaba8bc6b8bb265aba00edef171e5562a6..b18ad9b21bfd60b8de272110e95c5c08cf4cb096 100644 --- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/computer_model_module.xml +++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/computer_model_module.xml @@ -1,22 +1,22 @@ <local_roles_item> <local_roles> - <role id='G-COMPANY'> + <role id='F-CUSTOMER'> <item>Auditor</item> - <item>Author</item> </role> - <role id='R-MEMBER'> + <role id='F-PRODUCTION*'> <item>Auditor</item> <item>Author</item> </role> + <role id='R-SHADOW-PERSON'> + <item>Auditor</item> + </role> </local_roles> <local_role_group_ids> - <local_role_group_id id='group'> - <principal id='G-COMPANY'>Auditor</principal> - <principal id='G-COMPANY'>Author</principal> + <local_role_group_id id='function'> + <principal id='F-CUSTOMER'>Auditor</principal> </local_role_group_id> - <local_role_group_id id='user'> - <principal id='R-MEMBER'>Auditor</principal> - <principal id='R-MEMBER'>Author</principal> + <local_role_group_id id='shadow'> + <principal id='R-SHADOW-PERSON'>Auditor</principal> </local_role_group_id> </local_role_group_ids> </local_roles_item> \ No newline at end of file diff --git a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model%20Module.xml b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model%20Module.xml index 9bc65855ed198e8563101f1c3369362472238b54..b715403a5e798ff1fccd479f96d6af5857674dbb 100644 --- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model%20Module.xml +++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model%20Module.xml @@ -1,14 +1,19 @@ <type_roles> - <role id='Auditor; Author'> - <property id='title'>Group Company</property> - <multi_property id='categories'>local_role_group/group</multi_property> - <multi_property id='category'>group/company</multi_property> - <multi_property id='base_category'>group</multi_property> - </role> - <role id='Auditor; Author'> + <role id='Auditor'> <property id='title'>Member</property> - <multi_property id='categories'>local_role_group/user</multi_property> - <multi_property id='category'>role/member</multi_property> + <multi_property id='categories'>local_role_group/function</multi_property> + <multi_property id='category'>function/customer</multi_property> + <multi_property id='base_category'>function</multi_property> + </role> + <role id='Auditor'> + <property id='title'>Person Shadow</property> + <multi_property id='categories'>local_role_group/shadow</multi_property> + <multi_property id='category'>role/shadow/person</multi_property> <multi_property id='base_category'>role</multi_property> </role> + <role id='Auditor; Author'> + <property id='title'>Production</property> + <multi_property id='category'>function/production*</multi_property> + <multi_property id='base_category'>function</multi_property> + </role> </type_roles> \ No newline at end of file diff --git a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model.xml b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model.xml index b698128537c51535a702ae56eedbee8a12ff2881..f186cca9b708348295326ff9c6f9795ffe37e5fb 100644 --- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model.xml +++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Model.xml @@ -1,15 +1,32 @@ <type_roles> + <role id='Auditor'> + <property id='title'>Person Shadow</property> + <multi_property id='categories'>local_role_group/shadow</multi_property> + <multi_property id='category'>role/shadow/person</multi_property> + <multi_property id='base_category'>role</multi_property> + </role> + <role id='Auditor'> + <property id='title'>Project Customer</property> + <property id='description'>XXX add local role group</property> + <property id='condition'>python: context.getFollowUp("") != ""</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> + <multi_property id='category'>function/customer</multi_property> + <multi_property id='base_category'>follow_up</multi_property> + </role> <role id='Assignee'> - <property id='title'>Compute Node Agent</property> - <property id='description'>Monovalued role</property> + <property id='title'>Project Production Agent</property> + <property id='description'>XXX add local role group</property> + <property id='condition'>python: context.getFollowUp("") != ""</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> - <multi_property id='categories'>local_role_group/user</multi_property> - <multi_property id='base_category'>source_administration</multi_property> + <multi_property id='category'>function/production/agent</multi_property> + <multi_property id='base_category'>follow_up</multi_property> </role> <role id='Assignor'> - <property id='title'>Group company</property> - <multi_property id='categories'>local_role_group/group</multi_property> - <multi_property id='category'>group/company</multi_property> - <multi_property id='base_category'>group</multi_property> + <property id='title'>Project Production Manager</property> + <property id='description'>XXX add local role group</property> + <property id='condition'>python: context.getFollowUp("") != ""</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> + <multi_property id='category'>function/production/manager</multi_property> + <multi_property id='base_category'>follow_up</multi_property> </role> </type_roles> \ No newline at end of file diff --git a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py index 9e2004f168f09ed8c6123437f5f3df4ea5ab13c1..730cbdb5febfb7f55a21fe60910718c701569e99 100644 --- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py +++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py @@ -134,36 +134,45 @@ class TestComputeNode(TestSlapOSGroupRoleSecurityMixin): class TestComputerModel(TestSlapOSGroupRoleSecurityMixin): - def test_GroupCompany(self): + def test_default(self): model = self.portal.computer_model_module.newContent( portal_type='Computer Model') model.updateLocalRolesOnSecurityGroups() self.assertSecurityGroup(model, - ['G-COMPANY', self.user_id], False) - self.assertRoles(model, 'G-COMPANY', ['Assignor']) + ['R-SHADOW-PERSON', self.user_id], False) + self.assertRoles(model, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(model, self.user_id, ['Owner']) - def test_ComputeNodeAgent(self): - reference = 'TESTPERSON-%s' % self.generateNewId() - person = self.portal.person_module.newContent(portal_type='Person', - reference=reference) - model = self.portal.computer_model_module.newContent( + def test_ProjectMember(self): + project = self.addProject() + compute_node = self.portal.computer_model_module.newContent( portal_type='Computer Model', - source_administration=person.getRelativeUrl()) - model.updateLocalRolesOnSecurityGroups() - self.assertSecurityGroup(model, - ['G-COMPANY', self.user_id, person.getUserId()], False) - self.assertRoles(model, person.getUserId(), ['Assignee']) - self.assertRoles(model, self.user_id, ['Owner']) + follow_up_value=project) + + compute_node.updateLocalRolesOnSecurityGroups() + self.assertSecurityGroup(compute_node, [ + self.user_id, + 'R-SHADOW-PERSON', + '%s_F-PRODAGNT' % project.getReference(), + '%s_F-PRODMAN' % project.getReference(), + '%s_F-CUSTOMER' % project.getReference(), + ], False) + self.assertRoles(compute_node, self.user_id, ['Owner']) + self.assertRoles(compute_node, 'R-SHADOW-PERSON', ['Auditor']) + self.assertRoles(compute_node, '%s_F-PRODAGNT' % project.getReference(), ['Assignee']) + self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor']) + self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor']) class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin): def test(self): module = self.portal.computer_model_module self.changeOwnership(module) self.assertSecurityGroup(module, - ['G-COMPANY', 'R-MEMBER', self.user_id], False) - self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author']) - self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author']) + ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', self.user_id], + False) + self.assertRoles(module, 'F-CUSTOMER', ['Auditor']) + self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author']) + self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor']) self.assertRoles(module, self.user_id, ['Owner']) class TestComputerModule(TestSlapOSGroupRoleSecurityMixin):