odoo-tower/odoo-addons
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
43f1d3a4602a42c99914bd130b07a92344efae5e
odoo-addons/addons/cetmix_tower_server/tests/test_file_template.py

235 lines
8.7 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
from odoo.exceptions import AccessError
from .common import TestTowerCommon
class TestCxTowerFileTemplateAccessRules(TestTowerCommon):
def test_user_no_access(self):
"""
Verify that a user in the User group has no access
to any file template records.
"""
# Create a file template record as admin.
record = self.FileTemplate.create(
{
"name": "Template 1",
"file_name": "template1.txt",
"code": "Sample code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
}
)
# As the user, search for the record expect no records.
with self.assertRaises(AccessError):
self.FileTemplate.with_user(self.user).search([("id", "=", record.id)])
# Attempting to create a record as a user should raise an AccessError.
with self.assertRaises(AccessError):
self.FileTemplate.with_user(self.user).create(
{
"name": "Template 2",
"file_name": "user_template.txt",
"code": "User code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
}
)
def test_manager_read_access(self):
"""
Verify that a manager can read file template records
if he is not in user_ids or manager_ids.
"""
# Create a record with the manager in manager_ids.
rec1 = self.FileTemplate.create(
{
"name": "Template 1",
"file_name": "template_manager.txt",
"code": "Manager code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(6, 0, [self.manager.id])],
}
)
# Create a record with the manager in user_ids.
rec2 = self.FileTemplate.create(
{
"name": "Template 2",
"file_name": "template_user.txt",
"code": "User code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"user_ids": [(6, 0, [self.manager.id])],
}
)
# Create a record that does not include the manager.
rec3 = self.FileTemplate.create(
{
"name": "Template 3",
"file_name": "template_none.txt",
"code": "None code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
}
)
recs = self.FileTemplate.with_user(self.manager).search([])
self.assertIn(rec1, recs, "Manager should read records if in manager_ids.")
self.assertIn(rec2, recs, "Manager should read records if in user_ids.")
self.assertNotIn(
rec3,
recs,
"Manager should not see records if not in user_ids or manager_ids.",
)
def test_manager_write_create_access(self):
"""
Verify that a manager can write and create file template records
only if he is in manager_ids.
"""
# Create a record with manager_ids including the manager.
rec = self.FileTemplate.create(
{
"name": "Template 1",
"file_name": "template_for_update.txt",
"code": "Initial code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(6, 0, [self.manager.id])],
}
)
# Manager should be able to update the record.
try:
rec.with_user(self.manager).write({"file_name": "template_updated.txt"})
except AccessError:
self.fail(
"Manager should be able to update the record when in manager_ids."
)
self.assertEqual(rec.with_user(self.manager).file_name, "template_updated.txt")
# Manager should be able to create a record if included in manager_ids.
rec2 = self.FileTemplate.with_user(self.manager).create(
{
"name": "Template 2",
"file_name": "manager_created_template.txt",
"code": "Manager created",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(6, 0, [self.manager.id])],
}
)
self.assertTrue(
rec2,
"Manager should be able to create a record when included in manager_ids.",
)
# Creating a record without including the manager should raise an AccessError.
with self.assertRaises(AccessError):
self.FileTemplate.with_user(self.manager).create(
{
"name": "Template 3",
"file_name": "invalid_template.txt",
"code": "Invalid",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(5, 0, 0)],
}
)
def test_manager_unlink_access(self):
"""
Verify that a manager can delete a file template record only if
he is in manager_ids and is the creator.
"""
# Scenario 1: Record created by the manager.
rec = self.FileTemplate.with_user(self.manager).create(
{
"name": "Template 1",
"file_name": "template_to_delete.txt",
"code": "Code to delete",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(6, 0, [self.manager.id])],
}
)
try:
rec.with_user(self.manager).unlink()
except AccessError:
self.fail(
"Manager should be able to delete a record "
"he created when in manager_ids."
)
# Scenario 2: Record created by admin (or another user)
# even though manager_ids includes the manager.
rec2 = self.FileTemplate.create(
{
"name": "Template 2",
"file_name": "template_not_deletable.txt",
"code": "Admin created code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
"manager_ids": [(6, 0, [self.manager.id])],
}
)
with self.assertRaises(AccessError):
rec2.with_user(self.manager).unlink()
def test_root_unrestricted_access(self):
"""
Verify that a user in the Root group has unlimited access
to all file template records.
"""
# Create a file template record (with no particular restrictions).
rec = self.FileTemplate.create(
{
"name": "Template 1",
"file_name": "template_for_root.txt",
"code": "Root code",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
}
)
# As the root user, the record should be visible.
recs = self.FileTemplate.with_user(self.root).search([("id", "=", rec.id)])
self.assertTrue(recs, "Root should see the record regardless of restrictions.")
# Root should be able to update the record.
try:
rec.with_user(self.root).write({"file_name": "root_updated_template.txt"})
except AccessError:
self.fail("Root should be able to update the record without restrictions.")
self.assertEqual(
rec.with_user(self.root).file_name, "root_updated_template.txt"
)
# Root should be able to create a record.
rec2 = self.FileTemplate.with_user(self.root).create(
{
"name": "Template 2",
"file_name": "root_created_template.txt",
"code": "Created by root",
"server_dir": "/templates",
"file_type": "text",
"source": "tower",
}
)
self.assertTrue(
rec2, "Root should be able to create a record without restrictions."
)
# Root should be able to delete a record.
rec2.with_user(self.root).unlink()
recs_after = self.FileTemplate.with_user(self.root).search(
[("id", "=", rec2.id)]
)
self.assertFalse(
recs_after, "Root should be able to delete the record without restrictions."
)
Reference in New Issue View Git Blame Copy Permalink