-
Notifications
You must be signed in to change notification settings - Fork 1
Adding tests for permissions under main use cases #12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
chris-adam
wants to merge
30
commits into
master
Choose a base branch
from
DMS-1056
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 2 commits
Commits
Show all changes
30 commits
Select commit
Hold shift + click to select a range
0fa5703
Adding tests for permissions under main use cases WIP
chris-adam 0fdf149
Refactored permissions tests
chris-adam 38bf3f4
Added comment
sgeulette cc782a1
Refactored permissions tests
chris-adam 4b8cc4f
Merge branch 'DMS-1056' of https://github.com/IMIO/imio.dms.mail into…
chris-adam e4aa5f8
Merge branch 'master' of https://github.com/IMIO/imio.dms.mail into D…
chris-adam 86892b3
Added Request review in permissions. Added assigned_group on task.
sgeulette 6239849
Added `utils.clean_borg_cache` to be used in tests
sgeulette 50903a0
Added comment
sgeulette f82fa87
Updated permission incoming mail test
chris-adam 57a2d93
Updated tests for permisions incoming emails and outgoing mails
chris-adam b5aa363
Merge branch 'master' of https://github.com/IMIO/imio.dms.mail into D…
chris-adam 2424d9f
Removed chef from default perms, start working on wfadapt tests
bleybaert ec54b3a
fix some tests
bleybaert 70d5db0
add teardown to testpermissionbase
bleybaert 7935a61
rename test_permission_base to get around warning
bleybaert 0822eb0
refactor permissions tests
bleybaert 29538aa
split wfadapt tests into 2 files. applied wfadapt
bleybaert fd61c04
implements to_print permission tests
bleybaert d8e2210
implements pre_manage_validation permission tests
bleybaert a20992e
implements incomingmail service_validation permission tests
bleybaert 03b45e6
implements outgoing service_validation permission tests
bleybaert fb81680
finish tests to_print
bleybaert 83c68fd
finish premanager permission tests
bleybaert 9680452
finish incoming service validation permission tests
bleybaert f29df48
fixed some tests
bleybaert c063d8a
Started permissions test reviewing
sgeulette 724ee72
Added assertOnlyViewPerms method to simplify code
sgeulette 5fbc9ac
Used self.assertHasNoPerms when possible
sgeulette af0dcee
Used self.assertHasAllPerms when possible
sgeulette File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| # -*- coding: utf-8 -*- | ||
| """ user permissions tests for this package.""" | ||
| from imio.dms.mail.testing import change_user | ||
| from imio.dms.mail.testing import DMSMAIL_INTEGRATION_TESTING | ||
| from plone import api | ||
|
|
||
| import unittest | ||
|
|
||
|
|
||
| class TestPermissionsBase(unittest.TestCase): | ||
|
|
||
| layer = DMSMAIL_INTEGRATION_TESTING | ||
|
|
||
| def setUp(self): | ||
| self.portal = self.layer["portal"] | ||
| self.imf = self.portal["incoming-mail"] | ||
| self.omf = self.portal["outgoing-mail"] | ||
| self.pw = api.portal.get_tool("portal_workflow") | ||
| change_user(self.portal) | ||
|
|
||
| def get_perms(self, userid, obj): | ||
| perms = ( | ||
| "Access contents information", | ||
| "Add portal content", | ||
| "Delete objects", | ||
| "Modify portal content", | ||
| "Review portal content", | ||
| "View", | ||
| "collective.dms.basecontent: Add DmsFile", | ||
| "imio.dms.mail: Write mail base fields", | ||
| "imio.dms.mail: Write treating group field", | ||
| ) | ||
| perms = {perm: api.user.has_permission(perm, userid, obj=obj) for perm in perms} | ||
| return perms | ||
|
|
||
| def assertHasAllPerms(self, userid, obj): | ||
| self.assertTrue(all(self.get_perms(userid, obj).values())) | ||
|
|
||
| def assertHasNoPerms(self, userid, obj): | ||
| self.assertFalse(any(self.get_perms(userid, obj).values())) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,253 @@ | ||
| # -*- coding: utf-8 -*- | ||
| """ user permissions tests for this package.""" | ||
| from datetime import datetime | ||
| from imio.dms.mail.testing import change_user | ||
| from imio.dms.mail.tests.test_permissions_base import TestPermissionsBase | ||
| from imio.dms.mail.utils import sub_create | ||
| from plone import api | ||
| from z3c.relationfield.relation import RelationValue | ||
| from zope.component import getUtility | ||
| from zope.intid.interfaces import IIntIds | ||
|
|
||
|
|
||
| class TestPermissionsIncomingEmail(TestPermissionsBase): | ||
| def test_incoming_email_permissions(self): | ||
| intids = getUtility(IIntIds) | ||
| params = { | ||
| "title": "Courrier 10", | ||
| "mail_type": "email", | ||
| "internal_reference_no": "E0010", | ||
| "sender": [RelationValue(intids.getId(self.portal["contacts"]["jeancourant"]))], | ||
| "treating_groups": self.portal["contacts"]["plonegroup-organization"]["direction-generale"]["grh"].UID(), | ||
| "description": "Ceci est la description du courrier", | ||
| "mail_date": datetime.today(), | ||
| } | ||
| iemail = sub_create(self.imf, "dmsincomingmail", datetime.today(), "my-id", **params) | ||
|
|
||
| change_user(self.portal, "encodeur") | ||
| annex = api.content.create(container=iemail, id="annex", type="dmsappendixfile") | ||
| file = api.content.create(container=iemail, id="file", type="dmsmainfile") | ||
| task = api.content.create(container=iemail, id="task", type="task") | ||
|
|
||
| iemail_perms = self.get_perms(iemail) | ||
| self.assertFalse(any(iemail_perms["chef"])) | ||
| self.assertFalse(any(iemail_perms["lecteur"])) | ||
| self.assertFalse(any(iemail_perms["dirg"])) | ||
| self.assertFalse(any(iemail_perms["agent"])) | ||
| self.assertFalse(any(iemail_perms["agent1"])) | ||
| self.assertTrue(all(iemail_perms["encodeur"])) | ||
| self.assertTrue(api.user.has_permission("Delete objects", "encodeur", obj=iemail)) # should be False ? | ||
| self.assertTrue(api.user.has_permission("Review portal content", "encodeur", obj=iemail)) # should be False ? | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", file).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", file).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", file).values())) | ||
| self.assertTrue(all(self.get_perms("encodeur", file).values())) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", annex).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", annex).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", annex).values())) | ||
| self.assertTrue(all(self.get_perms("encodeur", annex).values())) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", task).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", task).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", task).values())) | ||
| self.assertEqual( | ||
| self.get_perms("encodeur", task), | ||
| { | ||
| "Access contents information": True, | ||
| "Add portal content": False, | ||
| "Delete objects": True, | ||
| "Modify portal content": True, | ||
| "Review portal content": False, | ||
| "View": True, | ||
| "collective.dms.basecontent: Add DmsFile": False, | ||
| "imio.dms.mail: Write mail base fields": False, | ||
| "imio.dms.mail: Write treating group field": False, | ||
| }, | ||
| ) | ||
|
|
||
| self.pw.doActionFor(iemail, "propose_to_manager") | ||
|
|
||
| iemail_perms = self.get_perms(iemail) | ||
| self.assertFalse(any(iemail_perms["chef"])) | ||
| self.assertFalse(any(iemail_perms["lecteur"])) | ||
| self.assertEqual(iemail_perms["dirg"], [True, False, False, True, True, True, False, True, True]) | ||
| self.assertFalse(any(iemail_perms["agent"])) | ||
| self.assertFalse(any(iemail_perms["agent1"])) | ||
| self.assertEqual(iemail_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", file).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", file).values())) | ||
| self.assertEqual(file_perms["dirg"], [True, False, False, False, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", file).values())) | ||
| self.assertEqual(file_perms["encodeur"], [True, True, False, True, False, True, True, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", annex).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", annex).values())) | ||
| self.assertEqual(annex_perms["dirg"], [True, False, True, True, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", annex).values())) | ||
| self.assertEqual(annex_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", task).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", task).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", task).values())) | ||
| self.assertEqual( | ||
| self.get_perms("encodeur", task), | ||
| { | ||
| "Access contents information": True, | ||
| "Add portal content": False, | ||
| "Delete objects": True, | ||
| "Modify portal content": True, | ||
| "Review portal content": False, | ||
| "View": True, | ||
| "collective.dms.basecontent: Add DmsFile": False, | ||
| "imio.dms.mail: Write mail base fields": False, | ||
| "imio.dms.mail: Write treating group field": False, | ||
| }, | ||
| ) | ||
|
|
||
| change_user(self.portal, "dirg") | ||
| self.pw.doActionFor(iemail, "propose_to_agent") | ||
|
|
||
| iemail_perms = self.get_perms(iemail) | ||
| self.assertFalse(any(iemail_perms["chef"])) | ||
| self.assertFalse(any(iemail_perms["lecteur"])) | ||
| self.assertEqual(iemail_perms["dirg"], [True, False, False, True, True, True, False, True, True]) | ||
| self.assertFalse(any(iemail_perms["agent"])) | ||
| self.assertFalse(any(iemail_perms["agent1"])) | ||
| self.assertEqual(iemail_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", file).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", file).values())) | ||
| self.assertEqual(file_perms["dirg"], [True, False, False, False, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", file).values())) | ||
| self.assertEqual(file_perms["encodeur"], [True, True, False, True, False, True, True, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", annex).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", annex).values())) | ||
| self.assertEqual(annex_perms["dirg"], [True, False, True, True, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", annex).values())) | ||
| self.assertEqual(annex_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", task).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", task).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", task).values())) | ||
| self.assertEqual( | ||
| self.get_perms("encodeur", task), | ||
| { | ||
| "Access contents information": True, | ||
| "Add portal content": False, | ||
| "Delete objects": True, | ||
| "Modify portal content": True, | ||
| "Review portal content": False, | ||
| "View": True, | ||
| "collective.dms.basecontent: Add DmsFile": False, | ||
| "imio.dms.mail: Write mail base fields": False, | ||
| "imio.dms.mail: Write treating group field": False, | ||
| }, | ||
| ) | ||
|
|
||
| # change_user(self.portal, "agent") | ||
| # FIXME agent does not have permission to treat the mail | ||
| self.pw.doActionFor(iemail, "treat") | ||
|
|
||
| iemail_perms = self.get_perms(iemail) | ||
| self.assertFalse(any(iemail_perms["chef"])) | ||
| self.assertFalse(any(iemail_perms["lecteur"])) | ||
| self.assertEqual(iemail_perms["dirg"], [True, False, False, True, True, True, False, True, True]) | ||
| self.assertFalse(any(iemail_perms["agent"])) | ||
| self.assertFalse(any(iemail_perms["agent1"])) | ||
| self.assertEqual(iemail_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", file).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", file).values())) | ||
| self.assertEqual(file_perms["dirg"], [True, False, False, False, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", file).values())) | ||
| self.assertEqual(file_perms["encodeur"], [True, True, False, True, False, True, True, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", annex).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", annex).values())) | ||
| self.assertEqual(annex_perms["dirg"], [True, False, True, True, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", annex).values())) | ||
| self.assertEqual(annex_perms["encodeur"], [True, True, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", task).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", task).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", task).values())) | ||
| self.assertEqual( | ||
| self.get_perms("encodeur", task), | ||
| { | ||
| "Access contents information": True, | ||
| "Add portal content": False, | ||
| "Delete objects": True, | ||
| "Modify portal content": True, | ||
| "Review portal content": False, | ||
| "View": True, | ||
| "collective.dms.basecontent: Add DmsFile": False, | ||
| "imio.dms.mail: Write mail base fields": False, | ||
| "imio.dms.mail: Write treating group field": False, | ||
| }, | ||
| ) | ||
|
|
||
| self.pw.doActionFor(iemail, "close") | ||
|
|
||
| iemail_perms = self.get_perms(iemail) | ||
| self.assertFalse(any(iemail_perms["chef"])) | ||
| self.assertFalse(any(iemail_perms["lecteur"])) | ||
| self.assertEqual(iemail_perms["dirg"], [True, True, False, True, True, True, False, True, True]) | ||
| self.assertFalse(any(iemail_perms["agent"])) | ||
| self.assertFalse(any(iemail_perms["agent1"])) | ||
| self.assertEqual(iemail_perms["encodeur"], [True, False, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", file).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", file).values())) | ||
| self.assertEqual(file_perms["dirg"], [True, True, False, False, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", file).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", file).values())) | ||
| self.assertEqual(file_perms["encodeur"], [True, False, False, True, False, True, True, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", annex).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", annex).values())) | ||
| self.assertEqual(annex_perms["dirg"], [True, True, True, True, True, True, False, True, True]) | ||
| self.assertFalse(any(self.get_perms("agent", annex).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", annex).values())) | ||
| self.assertEqual(annex_perms["encodeur"], [True, False, False, False, False, True, False, True, False]) | ||
|
|
||
| self.assertFalse(any(self.get_perms("chef", task).values())) | ||
| self.assertFalse(any(self.get_perms("lecteur", task).values())) | ||
| self.assertFalse(any(self.get_perms("dirg", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent", task).values())) | ||
| self.assertFalse(any(self.get_perms("agent1", task).values())) | ||
| self.assertEqual( | ||
| self.get_perms("encodeur", task), | ||
| { | ||
| "Access contents information": True, | ||
| "Add portal content": False, | ||
| "Delete objects": True, | ||
| "Modify portal content": True, | ||
| "Review portal content": False, | ||
| "View": True, | ||
| "collective.dms.basecontent: Add DmsFile": False, | ||
| "imio.dms.mail: Write mail base fields": False, | ||
| "imio.dms.mail: Write treating group field": False, | ||
| }, | ||
| ) | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Une idée de ceci ?