77 lines
3.7 KiB
Python
77 lines
3.7 KiB
Python
# -*- coding: utf-8 -*-
|
|
# Part of Odoo. See LICENSE file for full copyright and licensing details.
|
|
|
|
from odoo import exceptions
|
|
from odoo.addons.knowledge.tests.common import KnowledgeCommonWData
|
|
from odoo.tests.common import tagged, users
|
|
from odoo.tools import mute_logger
|
|
|
|
|
|
@tagged('knowledge_acl')
|
|
class TestWKnowledgeSecurity(KnowledgeCommonWData):
|
|
|
|
@mute_logger('odoo.addons.base.models.ir_model', 'odoo.addons.base.models.ir_rule')
|
|
@users('user_public')
|
|
def test_models_as_public(self):
|
|
""" Test publish flag giving read access to articles """
|
|
article_shared = self.article_shared.with_env(self.env)
|
|
with self.assertRaises(exceptions.AccessError,
|
|
msg="ACLs: Internal permission 'none', not for public"):
|
|
article_shared.body # access body should trigger acls
|
|
|
|
article_shared.sudo().website_published = True
|
|
article_shared.body # access body should not trigger acls
|
|
self.assertFalse(article_shared.is_user_favorite)
|
|
|
|
# FAVOURITE
|
|
with self.assertRaises(exceptions.AccessError, msg='ACLs: No favorite access to public'):
|
|
self.env['knowledge.article.favorite'].search([])
|
|
|
|
# STAGE
|
|
with self.assertRaises(exceptions.AccessError, msg='ACLs: No stage access to public'):
|
|
self.env['knowledge.article.stage'].search([])
|
|
|
|
@mute_logger('odoo.addons.base.models.ir_model', 'odoo.addons.base.models.ir_rule')
|
|
@users('portal_test')
|
|
def test_models_as_portal(self):
|
|
""" Test publish flag giving read access to articles """
|
|
article_shared = self.article_shared.with_env(self.env)
|
|
with self.assertRaises(exceptions.AccessError,
|
|
msg="ACLs: Internal permission 'none', not for portal"):
|
|
article_shared.body # access body should trigger acls
|
|
|
|
# stages are not readable as the article is not accessible
|
|
self.assertEqual(self.env['knowledge.article.stage'].search_count([]), 0)
|
|
article_shared.sudo().website_published = True
|
|
# should be able to read both stages as the article is published
|
|
self.assertEqual(self.env['knowledge.article.stage'].search_count([]), 2)
|
|
article_shared.body # access body should trigger acls
|
|
self.assertFalse(article_shared.is_user_favorite)
|
|
|
|
# Read access gives access to favorite toggling
|
|
article_shared.action_toggle_favorite()
|
|
article_shared.invalidate_model(['is_user_favorite'])
|
|
self.assertTrue(article_shared.is_user_favorite)
|
|
|
|
@mute_logger('odoo.addons.base.models.ir_model', 'odoo.addons.base.models.ir_rule')
|
|
@users('employee')
|
|
def test_models_as_user(self):
|
|
""" Test publish flag giving read access to articles """
|
|
article_hidden = self.private_children[0].with_env(self.env)
|
|
with self.assertRaises(exceptions.AccessError,
|
|
msg="ACLs: 'none' internal permission"):
|
|
article_hidden.body # access body should trigger acls
|
|
|
|
# stages are not readable as the article is not accessible but the user has access to 2 stages originally
|
|
self.assertEqual(self.env['knowledge.article.stage'].search_count([]), 2)
|
|
article_hidden.sudo().website_published = True
|
|
# should be able to read both stages as the article is published
|
|
self.assertEqual(self.env['knowledge.article.stage'].search_count([]), 4)
|
|
article_hidden.body # access body should trigger acls
|
|
self.assertFalse(article_hidden.is_user_favorite)
|
|
|
|
# Read access gives access to favorite toggling
|
|
article_hidden.action_toggle_favorite()
|
|
article_hidden.invalidate_model(['is_user_favorite'])
|
|
self.assertTrue(article_hidden.is_user_favorite)
|