erp5_workflow: Add ERP5Workflow security test, add after_script.

46967ab1 · wenjie.zheng · 48953b4f · 46967ab1 · 46967ab1 · 46967ab1
Commit 46967ab1 authored Jan 30, 2015 by wenjie.zheng
5 changed files
--- a/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/PermissionRoles_asCellRange.xml
+++ b/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/PermissionRoles_asCellRange.xml
@@ -52,13 +52,7 @@
            <key> <string>_body</string> </key>
            <value> <string>managed_permissions = sorted(context.getParent().getManagedPermissionList())\n
 available_roles = context.getRoleList()\n
-"""\n
-available_roles = sorted(["Anonymous", "Assignee", "Assignor", "Associate",\n
-                "Auditor", "Authenticated", "Author", "Manager",\n
-                "Member", "Owner", "Reviewer"])\n
-"""\n
 \n
-### zwj: build the permission role matrix [[],[],[],[],[],...]\n
 ma_i = []\n
 ma_j = []\n
 \n

--- a/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/Workflow_viewPermissionList.xml
+++ b/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/Workflow_viewPermissionList.xml
@@ -72,7 +72,7 @@
                    <key> <string>left</string> </key>
                    <value>
                      <list>
-                        <string>my_managed_permission</string>
+                        <string>my_workflow_managed_permission_list</string>
                      </list>
                    </value>
                </item>

--- a/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/Workflow_viewPermissionList/my_managed_permission.xml
+++ b/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/Workflow_viewPermissionList/my_managed_permission.xml
@@ -17,7 +17,7 @@
        </item>
        <item>
            <key> <string>id</string> </key>
-            <value> <string>my_managed_permission</string> </value>
+            <value> <string>my_workflow_managed_permission_list</string> </value>
        </item>
        <item>
            <key> <string>message_values</string> </key>

--- a/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/dlt_object.xml
+++ b/bt5/erp5_workflow/SkinTemplateItem/portal_skins/erp5_workflow/dlt_object.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_body</string> </key>
+            <value> <string>context.getParentValue().deleteContent(context.getId())\n
+</string> </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>dlt_object</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/bt5/erp5_workflow/TestTemplateItem/portal_components/test.erp5.testWorkflow5Method.py
+++ b/bt5/erp5_workflow/TestTemplateItem/portal_components/test.erp5.testWorkflow5Method.py
@@ -24,10 +24,24 @@ class TestERP5Workflow(ERP5TypeTestCase):
    # Create a workflow
    new_workflow = self.workflow_module.newContent(portal_type='Workflow',
                                                   id='new_workflow')
+
+    new_workflow.managed_permission_list = ['P1']# add workflow managed_permission
+
    s1 = new_workflow.newContent(portal_type='State',title='Draft', id='draft')
    s2 = new_workflow.newContent(portal_type='State',title='Validated', id='validated')
    s3 = new_workflow.newContent(portal_type='State',title='Couscous', id='Couscous')

+    ### generate permission role mapping matrix
+    s1_p1_r1 = s1.newContent(portal_type='PermissionRoles',id = 'cell_0_0')
+    s1_p1_r2 = s1.newContent(portal_type='PermissionRoles',id = 'cell_0_1')
+    s1_p1_r2 = s2.newContent(portal_type='PermissionRoles',id = 'cell_0_0')
+    s2_p1_r2 = s2.newContent(portal_type='PermissionRoles',id = 'cell_0_1')
+
+    s1_p1_r1.is_selected = 1 # assign r1 (Anonymous) to p1 for state 1
+    s1_p1_r2.is_selected = 0
+    s1_p1_r2.is_selected = 0 
+    s2_p1_r2.is_selected = 1 # assign r2 (Assignee) to p1 for state 2
+
    #raise NotImplementedError(aq_parent(aq_inner(aq_parent(aq_inner(s1)))))### <Workflow Module at workflow_module>
    #raise NotImplementedError(aq_inner(aq_parent(aq_inner(s1))))### <Workflow at new_workflow>
    #raise NotImplementedError(aq_parent(aq_inner(s1)))### <Workflow at new_workflow>
@@ -81,6 +95,7 @@ class TestERP5Workflow(ERP5TypeTestCase):
    new_object = self.portal.new_module.newContent(portal_type='Object Type',
                                                    id='new_object')

+
    self.assertTrue(new_object is not None)
    self.assertEqual(new_object.getPortalType(), 'Object Type')

@@ -91,6 +106,8 @@ class TestERP5Workflow(ERP5TypeTestCase):
    self.assertEqual(new_object.getNewState(), 'draft')
    self.assertEqual(new_object.getNewStateTitle(), 'Draft')
    self.assertEqual(new_object.getTranslatedNewStateTitle(), 'Brouillon')
+    permission_role = getattr(new_object,'_P1_Permission',())
+    self.assertEqual(permission_role[0], 'Anonymous')

    ### execute transition
    t1.execute(new_object)
@@ -103,6 +120,8 @@ class TestERP5Workflow(ERP5TypeTestCase):

    new_object.transition1()
    self.assertEqual(new_object.getNewStateTitle(), 'Validated')
+    permission_role = getattr(new_object,'_P1_Permission',())
+    self.assertEqual(permission_role[0], 'Assignee')

    new_object.setToCouscousPlease()
    self.assertEqual(new_object.getNewStateTitle(), 'Couscous')