fa401f82-6782-4b29-a2b6-25baec60fc14
/
OSPPCloudEnterprise3
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OSPPCloudEnterprise3/addons/base_user_role/tests/test_user_role.py

248 lines
9.8 KiB
Python
Raw Blame History

# Copyright 2014 ABF OSIELL <http://osiell.com>
# License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl).
import datetime
from odoo import fields
from odoo.exceptions import AccessError
from odoo.tests.common import TransactionCase
class TestUserRole(TransactionCase):
@classmethod
def setUpClass(cls):
super().setUpClass()
cls.env = cls.env(
context=dict(cls.env.context, tracking_disable=True, no_reset_password=True)
)
cls.user_model = cls.env["res.users"]
cls.role_model = cls.env["res.users.role"]
cls.company1 = cls.env.ref("base.main_company")
cls.company2 = cls.env["res.company"].create({"name": "company2"})
cls.default_user = cls.env.ref("base.default_user")
cls.user_id = cls.user_model.create(
{"name": "USER TEST (ROLES)", "login": "user_test_roles"}
)
# ROLE_1
cls.group_user_id = cls.env.ref("base.group_user")
cls.group_no_one_id = cls.env.ref("base.group_no_one")
vals = {
"name": "ROLE_1",
"implied_ids": [(6, 0, [cls.group_user_id.id, cls.group_no_one_id.id])],
}
cls.role1_id = cls.role_model.create(vals)
# ROLE_2
# Must have group_user in order to have sufficient groups. Check:
# github.com/odoo/odoo/commit/c3717f3018ce0571aa41f70da4262cc946d883b4
cls.group_multi_currency_id = cls.env.ref("base.group_multi_currency")
cls.group_settings_id = cls.env.ref("base.group_system")
vals = {
"name": "ROLE_2",
"implied_ids": [
(
6,
0,
[
cls.group_user_id.id,
cls.group_multi_currency_id.id,
cls.group_settings_id.id,
],
)
],
}
cls.role2_id = cls.role_model.create(vals)
# Setup for multi-company testing
cls.multicompany_user_1 = cls.user_model.create(
{
"name": "User 2",
"company_id": cls.company1.id,
"company_ids": [(6, 0, [cls.company1.id, cls.company2.id])],
"groups_id": [(6, 0, cls.env.ref("base.group_erp_manager").ids)],
"login": "multicompany_user_1",
}
)
cls.multicompany_user_2 = cls.user_model.create(
{
"name": "User 2",
"company_id": cls.company2.id,
"company_ids": [(6, 0, [cls.company2.id])],
"groups_id": [(6, 0, cls.env.ref("base.group_user").ids)],
"login": "multicompany_user_2",
}
)
cls.multicompany_role = cls.role_model.create(
{
"name": "MULTICOMPANY_ROLE",
"implied_ids": [(6, 0, [cls.group_user_id.id])],
"line_ids": [(0, 0, {"user_id": cls.multicompany_user_2.id})],
}
)
def test_role_1(self):
self.user_id.write({"role_line_ids": [(0, 0, {"role_id": self.role1_id.id})]})
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
role_group_ids = self.role1_id.trans_implied_ids.ids
role_group_ids.append(self.role1_id.group_id.id)
role_group_ids = sorted(set(role_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_2(self):
self.user_id.write({"role_line_ids": [(0, 0, {"role_id": self.role2_id.id})]})
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
role_group_ids = self.role2_id.trans_implied_ids.ids
role_group_ids.append(self.role2_id.group_id.id)
role_group_ids = sorted(set(role_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_1_2(self):
self.user_id.write(
{
"role_line_ids": [
(0, 0, {"role_id": self.role1_id.id}),
(0, 0, {"role_id": self.role2_id.id}),
]
}
)
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
role1_group_ids = self.role1_id.trans_implied_ids.ids
role1_group_ids.append(self.role1_id.group_id.id)
role2_group_ids = self.role2_id.trans_implied_ids.ids
role2_group_ids.append(self.role2_id.group_id.id)
role_group_ids = sorted(set(role1_group_ids + role2_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_1_2_with_dates(self):
today_str = fields.Date.today()
today = fields.Date.from_string(today_str)
yesterday = today - datetime.timedelta(days=1)
yesterday_str = fields.Date.to_string(yesterday)
self.user_id.write(
{
"role_line_ids": [
# Role 1 should be enabled
(0, 0, {"role_id": self.role1_id.id, "date_from": today_str}),
# Role 2 should be disabled
(0, 0, {"role_id": self.role2_id.id, "date_to": yesterday_str}),
]
}
)
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
role1_group_ids = self.role1_id.trans_implied_ids.ids
role1_group_ids.append(self.role1_id.group_id.id)
role_group_ids = sorted(set(role1_group_ids))
self.assertEqual(user_group_ids, role_group_ids)
def test_role_unlink(self):
# Get role1 groups
role1_group_ids = (
self.role1_id.implied_ids.ids + self.role1_id.trans_implied_ids.ids
)
role1_group_ids.append(self.role1_id.group_id.id)
role1_group_ids = sorted(set(role1_group_ids))
# Configure the user with role1 and role2
self.user_id.write(
{
"role_line_ids": [
(0, 0, {"role_id": self.role1_id.id}),
(0, 0, {"role_id": self.role2_id.id}),
]
}
)
# Remove role2
self.role2_id.unlink()
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
self.assertEqual(user_group_ids, role1_group_ids)
# Remove role1
self.role1_id.unlink()
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
self.assertEqual(user_group_ids, [])
def test_role_line_unlink(self):
# Get role1 groups
role1_group_ids = (
self.role1_id.implied_ids.ids + self.role1_id.trans_implied_ids.ids
)
role1_group_ids.append(self.role1_id.group_id.id)
role1_group_ids = sorted(set(role1_group_ids))
# Configure the user with role1 and role2
self.user_id.write(
{
"role_line_ids": [
(0, 0, {"role_id": self.role1_id.id}),
(0, 0, {"role_id": self.role2_id.id}),
]
}
)
# Remove role2 from the user
self.user_id.role_line_ids.filtered(
lambda l: l.role_id.id == self.role2_id.id
).unlink()
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
self.assertEqual(user_group_ids, role1_group_ids)
# Remove role1 from the user
self.user_id.role_line_ids.filtered(
lambda l: l.role_id.id == self.role1_id.id
).unlink()
user_group_ids = sorted({group.id for group in self.user_id.groups_id})
self.assertEqual(user_group_ids, [])
def test_default_user_roles(self):
self.default_user.write(
{
"role_line_ids": [
(0, 0, {"role_id": self.role1_id.id}),
(0, 0, {"role_id": self.role2_id.id}),
]
}
)
user = self.user_model.create(
{"name": "USER TEST (DEFAULT ROLES)", "login": "user_test_default_roles"}
)
roles = self.role_model.browse([self.role1_id.id, self.role2_id.id])
self.assertEqual(user.role_ids, roles)
def test_role_multicompany(self):
"""Test AccessError when admin-like user accesses a role"""
role = self.multicompany_role.with_user(self.multicompany_user_1)
# Dummy read to check that multicompany user 1 has read access
role.read()
# Dummy read to check that multicompany user 1 has read access on the
# whole role, even if it's using a different company than multicompany
# user 2 (which is included in the role)
role.with_context(allowed_company_ids=self.company1.ids).read()
# Downgrade multicompany user 1 to common user
self.multicompany_user_1.write(
{"groups_id": [(6, 0, self.env.ref("base.group_user").ids)]}
)
# Check that the user cannot read multicompany data again since it lost
# its admin privileges
with self.assertRaisesRegex(
AccessError, "You are not allowed to access 'User role'"
):
role.read()
def test_create_role_from_user(self):
# Use a wizard instance to create a new role based on the user.
# We use assign_to_user = False, as otherwise this module forcibly
# assigns the role's groups to the user, which would make this
# test useless.
wizard = self.env["wizard.create.role.from.user"].create(
{
"name": "Role for user (without assign)",
"assign_to_user": False,
}
)
result = wizard.with_context(active_ids=[self.user_id.id]).create_from_user()
# Check that the role has the same groups as the user
role_id = result["res_id"]
role = self.role_model.browse([role_id])
user_group_ids = sorted(set(self.user_id.groups_id.ids))
role_group_ids = sorted(set(role.trans_implied_ids.ids))
self.assertEqual(user_group_ids, role_group_ids)
Reference in New Issue View Git Blame Copy Permalink