NextERP/Odoo18-Base
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
dev
Odoo18-Base/odoo/addons/test_access_rights/tests/test_check_access.py
hoangvv 911a3b7812 init
2025-01-06 10:57:38 +07:00

54 lines
2.3 KiB
Python
Raw Permalink Blame History

# -*- coding: utf-8 -*-
# Part of Odoo. See LICENSE file for full copyright and licensing details.
import odoo.tests
from odoo import Command
@odoo.tests.tagged('-at_install', 'post_install')
class TestAccess(odoo.tests.HttpCase):
def setUp(self):
super(TestAccess, self).setUp()
self.portal_user = self.env['res.users'].create({
'login': 'P',
'name': 'P',
'groups_id': [Command.set([self.env.ref('base.group_portal').id])],
})
# a partner that can't be read by the portal user, would typically be a user's
self.internal_user_partner = self.env['res.partner'].create({'name': 'I'})
self.document = self.env['test_access_right.ticket'].create({
'name': 'Need help here',
'message_partner_ids': [Command.set([self.portal_user.partner_id.id,
self.internal_user_partner.id])],
})
def test_check_access(self):
"""Typically, a document consulted by a portal user P
will point to other records that P cannot read.
For example, if P wants to consult a ticket of his,
the ticket will have a reviewer or assigned user that is internal,
and which partner cannot be read by P.
This should not block P from accessing the ticket.
"""
document = self.document.with_user(self.portal_user)
# at this point, some fields might already be loaded in cache.
# if so, it means we would bypass the ACL when trying to read the field
# while this is bad, this is not the object of this test
self.internal_user_partner.invalidate_model(['active'])
# from portal's _document_check_access:
document.check_access('read')
# no raise, because we are supposed to be able to read our ticket
def test_name_search_with_sudo(self):
"""Check that _name_search return correct values with sudo
"""
no_access_user = self.env['res.users'].create({
'login': 'no_access',
'name': 'no_access',
'groups_id': [Command.clear()],
})
document = self.env['test_access_right.ticket'].with_user(no_access_user)
res = document.sudo().name_search('Need help here')
self.assertEqual(res[0][1], "Need help here")
Reference in New Issue View Git Blame Copy Permalink