def invitation_accepted(event):
"""
When an invitation is accepted, add the user to the team
"""
request = getRequest()
storage = get_storage()
if event.token_id not in storage:
return
ws_uid, username = storage[event.token_id]
storage[event.token_id]
acl_users = api.portal.get_tool("acl_users")
acl_users.updateCredentials(request, request.response, username, None)
catalog = api.portal.get_tool(name="portal_catalog")
brain = catalog.unrestrictedSearchResults(UID=ws_uid)[0]
with api.env.adopt_roles(["Manager"]):
ws = IWorkspace(brain.getObject())
for name in ws.members:
member = api.user.get(username=name)
if member is not None:
if member.getUserName() == username:
api.portal.show_message(_("Oh boy, oh boy, you are already a member"), request)
break
else:
ws.add_to_team(user=username)
api.portal.show_message(_("Welcome to our family, Stranger"), request)
def invitation_accepted(event):
"""
When an invitation is accepted, add the user to the team
"""
request = getRequest()
storage = get_storage()
if event.token_id not in storage:
return
ws_uid, username = storage[event.token_id]
storage[event.token_id]
acl_users = api.portal.get_tool('acl_users')
acl_users.updateCredentials(request, request.response, username, None)
catalog = api.portal.get_tool(name="portal_catalog")
brain = catalog.unrestrictedSearchResults(UID=ws_uid)[0]
with api.env.adopt_roles(["Manager"]):
ws = IWorkspace(brain.getObject())
for name in ws.members:
member = api.user.get(username=name)
if member is not None:
if member.getUserName() == username:
api.portal.show_message(
_('Oh boy, oh boy, you are already a member'),
request,
)
break
else:
ws.add_to_team(user=username)
api.portal.show_message(
_('Welcome to our family, Stranger'),
request,
)
def update_case_access(self):
"""
Iterate over all tasks inside the case.
- If a member is assigned to a task and the task in the current
milestone:
Grant Guest access, if the user is not a regular member of the Case
- If a member has Guest access, but is not an assignee in any
task of the current milestone:
Remove Guest access
"""
# First of all we take the set of the todo assignees
pc = api.portal.get_tool('portal_catalog')
review_state = api.content.get_state(self)
brains = pc.unrestrictedSearchResults(
path='/'.join(self.getPhysicalPath()),
portal_type='todo',
)
objs = filter(
lambda obj: obj.assignee and obj.milestone == review_state,
(brain._unrestrictedGetObject() for brain in brains))
assignees = {obj.assignee for obj in objs}
# now we make a partition of the user associated to this context
existing_users = self.existing_users()
existing_guests = set([])
non_guests = set([])
for user in existing_users:
if user.get('role') == 'Guest':
existing_guests.add(user['id'])
else:
non_guests.add(user['id'])
# We find out which assignees are guests
entitled_guests = assignees.difference(non_guests)
workspace = IWorkspace(self)
# We have some stale guests that should be removed from this context
stale_guests = existing_guests.difference(entitled_guests)
for user_id in stale_guests:
workspace.remove_from_team(user_id)
# We have some new guests that should be added to this context
new_guests = entitled_guests.difference(existing_guests)
for user_id in new_guests:
workspace.add_to_team(user_id, groups=['Guests'])
# If roles were changed, throw the required event
if len(stale_guests) + len(new_guests):
notify(WorkspaceRosterChangedEvent(self))
def test_acquired_roles_from_policy_settings(self):
self.login_as_portal_owner()
policy = "moderators"
self.workspace.participant_policy = policy
ws = IWorkspace(self.workspace)
ws.add_to_team(user=self.user.getUserName())
roles = ws.available_groups.get(policy.title())
self.request.form = {'form.button.Search': 'Search',
'search_term': 'demo'}
view = SharingView(self.workspace, self.request)
results = view.user_search_results()
self.assertEqual(len(results), 1)
self.assertTrue(
all([results[0]["roles"][role] == "acquired" for role in roles]),
"Acquired roles were not set correctly")
def test_add_admin_to_workspace(self):
""" check that site admin can add team admin to the workspace """
self.login_as_portal_owner()
ws = self._create_unadapted_workspace()
user = self._create_user()
groups = api.group.get_groups()
group_names = [x.getName() for x in groups]
group_name = 'Admins:%s' % (api.content.get_uuid(ws))
self.assertIn(group_name, group_names)
workspace = IWorkspace(ws)
workspace.add_to_team(user=user.getId(), groups=set([u"Admins"]))
portal = api.portal.get()
pgroups = portal.portal_groups.getGroupById(group_name)
member_ids = pgroups.getGroup().getMemberIds()
self.assertIn(user.getId(), member_ids)
def test_acquired_roles_from_policy_settings(self):
self.login_as_portal_owner()
policy = "moderators"
self.workspace.participant_policy = policy
ws = IWorkspace(self.workspace)
ws.add_to_team(user=self.user.getUserName())
roles = ws.available_groups.get(policy.title())
self.request.form = {
'form.button.Search': 'Search',
'search_term': 'demo'
}
view = SharingView(self.workspace, self.request)
results = view.user_search_results()
self.assertEqual(len(results), 1)
self.assertTrue(
all([results[0]["roles"][role] == "acquired" for role in roles]),
"Acquired roles were not set correctly")
def __call__(self):
if not self.context.join_policy == "self":
msg = _(u"Workspace join policy doesn't allow self join")
raise Unauthorized(msg)
field = "button.join"
req_method = self.request.method.lower()
if req_method == "post" and field in self.request.form:
user = api.user.get_current()
workspace = IWorkspace(self.context)
workspace.add_to_team(user=user.getId())
msg = _(u"You are a member of this workspace now")
api.portal.show_message(message=_(msg), request=self.request)
referer = self.request.get("HTTP_REFERER", "").strip()
if not referer:
referer = self.context.absolute_url()
return self.request.response.redirect(referer)
def invitation_accepted(event):
"""
When an invitation is accepted, add the user to the team.
This apparently is NOT a ploneintranet.invitations invitation,
but by ploneintranet.workspace.browser.forms.InviteForm.
"""
request = getRequest()
storage = get_storage()
if event.token_id not in storage:
return
ws_uid, userid = storage[event.token_id]
# in a email_as_login setting (see #1043)
# .userid == .username but .username != .getUserName() ... :-(
username = api.user.get(userid=userid).getUserName()
acl_users = api.portal.get_tool('acl_users')
acl_users.updateCredentials(
request,
request.response,
username, # the login, not the userid
None
)
catalog = api.portal.get_tool(name="portal_catalog")
brain = catalog.unrestrictedSearchResults(UID=ws_uid)[0]
with api.env.adopt_roles(["Manager"]):
ws = IWorkspace(brain.getObject())
# collective.workspace .members returns userid iterator
for member_id in ws.members: # don't clobber userid variable
member = api.user.get(userid=member_id)
if member is not None:
if member.getId() == userid:
api.portal.show_message(
_('Oh boy, oh boy, you are already a member'),
request,
)
break
else:
# 'user' in this API is actually userid
ws.add_to_team(user=userid)
api.portal.show_message(
_('Welcome to our family, Stranger'),
request,
)
def __call__(self):
if not self.context.join_policy == "self":
msg = _(u"Workspace join policy doesn't allow self join")
raise Unauthorized(msg)
field = "button.join"
req_method = self.request.method.lower()
if req_method == "post" and field in self.request.form:
user = api.user.get_current()
workspace = IWorkspace(self.context)
workspace.add_to_team(user=user.getId())
msg = _(u"You are a member of this workspace now")
api.portal.show_message(message=_(msg),
request=self.request)
referer = self.request.get("HTTP_REFERER", "").strip()
if not referer:
referer = self.context.absolute_url()
return self.request.response.redirect(referer)
class TestWorkspace(unittest.TestCase):
layer = COLLECTIVE_WORKSPACE_INTEGRATION_TESTING
def setUp(self):
self.app = self.layer["app"]
self.portal = self.layer["portal"]
self.request = self.layer["request"]
z2.login(self.app["acl_users"], SITE_OWNER_NAME)
self.user1 = api.user.create(email="*****@*****.**", username="******", password="******")
self.workspace = api.content.create(container=self.portal, type="Workspace", id="a-workspace")
self.ws = IWorkspace(self.workspace)
def test_add_to_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_remove_from_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.ws.remove_from_team(user=self.user1.getId())
self.assertNotIn(self.user1.getId(), list(self.ws.members))
def test_add_admin_to_workspace(self):
""" check that site admin can add team admin to the workspace """
self.login_as_portal_owner()
ws = self.create_unadapted_workspace()
user = self.create_user()
groups = api.group.get_groups()
group_names = [x.getName() for x in groups]
group_name = 'Admins:%s' % (api.content.get_uuid(ws))
self.assertIn(
group_name,
group_names
)
workspace = IWorkspace(ws)
workspace.add_to_team(user=user.getId(), groups=set([u"Admins"]))
portal = api.portal.get()
pgroups = portal.portal_groups.getGroupById(group_name)
member_ids = pgroups.getGroup().getMemberIds()
self.assertIn(user.getId(),
member_ids)
def update_users(self, entries):
"""Update user properties on the roster """
ws = IWorkspace(self.context)
members = ws.members
# check user permissions against join policy
join_policy = self.context.join_policy
if (join_policy == "admin"
and not checkPermission(
"collective.workspace: Manage roster",
self.context)):
raise Unauthorized("You are not allowed to add users here")
for entry in entries:
id = entry.get('id')
is_member = bool(entry.get('member'))
is_admin = bool(entry.get('admin'))
# Existing members
if id in members:
member = members[id]
if not is_member:
if checkPermission(
"ploneintranet.workspace: Manage workspace",
self.context):
ws.membership_factory(ws, member).remove_from_team()
else:
raise Unauthorized(
"Only team managers can remove members")
elif not is_admin:
ws.membership_factory(ws, member).groups -= {'Admins'}
else:
ws.membership_factory(ws, member).groups |= {'Admins'}
# New members
elif id not in members and (is_member or is_admin):
groups = set()
if is_admin:
groups.add('Admins')
ws.add_to_team(user=id, groups=groups)
def handleApply(self, action):
data = self.extractData()[0]
ws = IWorkspace(self.context)
other_ws_id = data.get("workspace")
other_ws = IWorkspace(api.content.get(UID=other_ws_id))
move = data.get("move", False)
removable = []
for userid in ws.members:
user = api.user.get(userid=userid)
if user is not None:
user_id = user.getId()
other_ws.add_to_team(user=user_id)
removable.append(userid)
if move:
for userid in removable:
factory = ws.membership_factory(ws, {"user": userid})
factory.remove_from_team()
self.updateWidgets()
self.status = "Members transfered."
def update_users(self, entries):
"""Update user properties on the roster """
ws = IWorkspace(self.context)
members = ws.members
# check user permissions against join policy
join_policy = self.context.join_policy
if (join_policy == "admin" and not checkPermission(
"ploneintranet.workspace: Manage workspace", self.context)):
raise Unauthorized("You are not allowed to add users here")
for entry in entries:
id = entry.get('id')
is_member = bool(entry.get('member'))
is_admin = bool(entry.get('admin'))
# Existing members
if id in members:
member = members[id]
if not is_member:
if checkPermission(
"ploneintranet.workspace: Manage workspace",
self.context):
ws.membership_factory(ws, member).remove_from_team()
else:
raise Unauthorized(
"Only team managers can remove members")
elif not is_admin:
ws.membership_factory(ws, member).groups -= {'Admins'}
else:
ws.membership_factory(ws, member).groups |= {'Admins'}
# New members
elif id not in members and (is_member or is_admin):
groups = set()
if is_admin:
groups.add('Admins')
ws.add_to_team(user=id, groups=groups)
def handleApply(self, action):
data = self.extractData()[0]
ws = IWorkspace(self.context)
other_ws_id = data.get("workspace")
other_ws = IWorkspace(api.content.get(UID=other_ws_id))
move = data.get("move", False)
removable = []
for member in ws.members:
user = api.user.get(username=member)
if user is not None:
user_id = user.getId()
other_ws.add_to_team(user=user_id)
removable.append(member)
if move:
func = lambda member: ws.membership_factory(
ws,
{"user": member}).remove_from_team()
map(func, removable)
self.updateWidgets()
self.status = "Members transfered."
class TestWorkspace(unittest.TestCase):
layer = COLLECTIVE_WORKSPACE_INTEGRATION_TESTING
def setUp(self):
self.app = self.layer['app']
self.portal = self.layer['portal']
self.request = self.layer['request']
z2.login(self.app['acl_users'], SITE_OWNER_NAME)
self.user1 = api.user.create(email='*****@*****.**',
username='******',
password='******')
self.workspace = api.content.create(container=self.portal,
type='Workspace',
id='a-workspace')
self.ws = IWorkspace(self.workspace)
def test_add_to_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_remove_from_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.ws.remove_from_team(user=self.user1.getId())
self.assertNotIn(self.user1.getId(), list(self.ws.members))
class TeamMemberEditForm(AutoExtensibleForm, EditForm):
def __init__(self, context, request):
self.context = context
self.request = request
self.workspace = IWorkspace(self.context)
key = None
def publishTraverse(self, request, name):
self.key = name
return self
@lazy_property
def schema(self):
return self.workspace.membership_schema
def updateFields(self):
super(TeamMemberEditForm, self).updateFields()
# don't show the user field if we are editing
if self.key:
del self.fields['user']
@lazy_property
def ignoreContext(self):
return not bool(self.key)
@lazy_property
def label(self):
if self.key:
return self.getContent()._title
else:
return _(u'Add Person to Roster')
@lazy_property
def _content(self):
if not self.key:
return self.context
workspace = self.workspace
memberdata = workspace.members[self.key]
return workspace.membership_factory(workspace, memberdata)
def getContent(self):
return self._content
def validateInvariants(self, membership):
pass
@button.buttonAndHandler(_(u'Save'))
def handleSave(self, action):
data, errors = self.extractData()
if errors:
self.status = self.formErrorsMessage
return
status = _(u'Changes saved')
if self.key:
membership = self.getContent()
membership.update(data)
else:
# Add new roster member
membership = self.workspace.add_to_team(**data)
status = _(u'User added')
try:
self.validateInvariants(membership)
except ActionExecutionError:
# make sure above changes won't be persisted
transaction.abort()
raise
self._finished = True
IStatusMessage(self.request).addStatusMessage(status, 'info')
@property
def can_remove(self):
return self.key
@button.buttonAndHandler(_(u'Remove'),
condition=lambda self: self.can_remove)
def handleRemove(self, action):
membership = self.getContent()
membership.remove_from_team()
self._finished = True
IStatusMessage(self.request).addStatusMessage(_(u"User removed"),
"info")
_finished = False
def render(self):
if self._finished:
return ' '
return super(TeamMemberEditForm, self).render()
class TeamMemberEditForm(AutoExtensibleForm, EditForm):
def __init__(self, context, request):
self.context = context
self.request = request
self.workspace = IWorkspace(self.context)
key = None
def publishTraverse(self, request, name):
self.key = name
return self
@lazy_property
def schema(self):
return self.workspace.membership_schema
def updateFields(self):
super(TeamMemberEditForm, self).updateFields()
# don't show the user field if we are editing
if self.key:
del self.fields['user']
@lazy_property
def ignoreContext(self):
return not bool(self.key)
@lazy_property
def label(self):
if self.key:
return self.getContent()._title
else:
return _(u'Add Person to Roster')
@lazy_property
def _content(self):
if not self.key:
return self.context
workspace = self.workspace
memberdata = workspace.members[self.key]
return workspace.membership_factory(workspace, memberdata)
def getContent(self):
return self._content
def validateInvariants(self, membership):
pass
@button.buttonAndHandler(_(u'Save'))
def handleSave(self, action):
data, errors = self.extractData()
if errors:
self.status = self.formErrorsMessage
return
status = _(u'Changes saved')
if self.key:
membership = self.getContent()
membership.update(data)
else:
# Add new roster member
membership = self.workspace.add_to_team(**data)
status = _(u'User added')
try:
self.validateInvariants(membership)
except ActionExecutionError:
# make sure above changes won't be persisted
transaction.abort()
raise
self._finished = True
IStatusMessage(self.request).addStatusMessage(status, 'info')
@property
def can_remove(self):
return self.key
@button.buttonAndHandler(
_(u'Remove'), condition=lambda self: self.can_remove)
def handleRemove(self, action):
membership = self.getContent()
membership.remove_from_team()
self._finished = True
IStatusMessage(self.request).addStatusMessage(
_(u"User removed"), "info")
_finished = False
def render(self):
if self._finished:
return ' '
return super(TeamMemberEditForm, self).render()
class TeamMemberEditForm(AutoExtensibleForm, EditForm):
def __init__(self, context, request):
self.context = context
self.request = request
self.workspace = IWorkspace(self.context)
user_id = None
def publishTraverse(self, request, name):
self.user_id = name
return self
@lazy_property
def schema(self):
return self.workspace.membership_schema
def updateFields(self):
super(TeamMemberEditForm, self).updateFields()
# don't show the user field if we are editing
if self.user_id:
del self.fields['user']
@lazy_property
def ignoreContext(self):
return not bool(self.user_id)
@lazy_property
def label(self):
if self.user_id:
mtool = getToolByName(self.context, 'portal_membership')
member = mtool.getMemberById(self.user_id)
if member is not None:
return member.getProperty('fullname') or self.user_id
else:
return self.user_id
else:
return u'Add Person to Roster'
@lazy_property
def _content(self):
if not self.user_id:
return self.context
workspace = self.workspace
memberdata = workspace.members[self.user_id]
return workspace.membership_factory(workspace, memberdata)
def getContent(self):
return self._content
def validateInvariants(self, membership):
pass
@button.buttonAndHandler(u'Save')
def handleSave(self, action):
data, errors = self.extractData()
if errors:
return
if self.user_id:
membership = self.getContent()
membership.update(data)
else:
# Add new roster member
membership = self.workspace.add_to_team(**data)
try:
self.validateInvariants(membership)
except ActionExecutionError:
# make sure above changes won't be persisted
transaction.abort()
raise
self._finished = True
@property
def can_remove(self):
return self.user_id
@button.buttonAndHandler(u'Remove', condition=lambda self: self.can_remove)
def handleRemove(self, action):
membership = self.getContent()
membership.remove_from_team()
self._finished = True
_finished = False
def render(self):
if self._finished:
return ' '
return super(TeamMemberEditForm, self).render()
class TestWorkspace(unittest.TestCase):
layer = COLLECTIVE_WORKSPACE_INTEGRATION_TESTING
def setUp(self):
self.app = self.layer['app']
self.portal = self.layer['portal']
self.request = self.layer['request']
z2.login(self.app['acl_users'], SITE_OWNER_NAME)
self.user1 = api.user.create(
email='*****@*****.**',
username='******',
password='******'
)
self.workspace = api.content.create(
container=self.portal,
type='Workspace',
id='a-workspace'
)
self.ws = IWorkspace(self.workspace)
def _get_roles_in_workspace(self):
pmt = api.portal.get_tool('portal_membership')
member = pmt.getMemberById(self.user1.getId())
return member.getRolesInContext(self.workspace)
def test_adding_workspace_creates_groups(self):
group = self.portal.portal_groups.getGroupById(
'Admins:' + self.workspace.UID())
self.assertIsNotNone(group)
def test_renaming_workspace_updates_group_titles(self):
self.workspace.setTitle('new title')
from zope.lifecycleevent import modified
modified(self.workspace)
group = self.portal.portal_groups.getGroupById(
'Admins:' + self.workspace.UID())
self.assertEqual(group.getProperty('title'), 'Admins: new title')
def test_removing_workspace_removes_groups(self):
self.portal.manage_delObjects(['a-workspace'])
group = self.portal.portal_groups.getGroupById(
'Admins:' + self.workspace.UID())
self.assertIsNone(group)
def test_add_to_team(self):
self.ws.add_to_team(
user=self.user1.getId()
)
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_adding_team_member_updates_groups(self):
self.ws.add_to_team(
user=self.user1.getId(),
groups=(u'Admins',),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Members:' + self.workspace.UID()),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Admins:' + self.workspace.UID()),
)
def test_updating_team_member_updates_groups(self):
self.ws.add_to_team(
user=self.user1.getId()
)
self.ws[self.user1.getId()].update({'groups': set([u'Admins'])})
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Members:' + self.workspace.UID()),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Admins:' + self.workspace.UID()),
)
def test_direct_set_of_membership_property_is_blocked(self):
self.ws.add_to_team(
user=self.user1.getId()
)
try:
self.ws[self.user1.getId()].position = u'Tester'
except Exception as e:
self.assertEqual(
str(e),
'Setting membership properties directly is not supported. '
'Use the `update` method instead.'
)
else:
self.fail('Expected exception')
def test_local_role_team_member(self):
self.ws.add_to_team(
user=self.user1.getId()
)
self.assertIn('TeamMember', self._get_roles_in_workspace())
def test_remove_from_team(self):
self.ws.add_to_team(
user=self.user1.getId()
)
self.ws.remove_from_team(
user=self.user1.getId()
)
self.assertNotIn(self.user1.getId(), list(self.ws.members))
def test_removing_team_member_updates_groups(self):
self.ws.add_to_team(
user=self.user1.getId(),
groups=(u'Admins',),
)
self.ws.remove_from_team(
user=self.user1.getId()
)
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Members:' + self.workspace.UID()),
)
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Admins:' + self.workspace.UID()),
)
def test_reparent_team_member(self):
self.ws.add_to_team(
user=self.user1.getId(),
groups=(u'Admins',),
)
user2 = api.user.create(
email='*****@*****.**',
username='******',
password='******'
)
self.ws[self.user1.getId()].update({'user': user2.getId()})
self.assertNotIn(self.user1.getId(), self.workspace._team)
self.assertIn(user2.getId(), self.workspace._team)
self.assertEqual(self.ws[user2.getId()].user, user2.getId())
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
'Admins:' + self.workspace.UID()),
)
self.assertIn(
user2.getId(),
self.portal.portal_groups.getGroupMembers(
'Admins:' + self.workspace.UID()),
)
def test_removing_user_removes_workspace_memberships(self):
userid = self.user1.getId()
self.ws.add_to_team(user=userid)
self.assertIn(userid, self.ws.members)
api.user.delete(userid)
self.assertNotIn(userid, self.ws.members)
self.assertNotIn(
userid,
self.portal.portal_groups.getGroupMembers(
'Members:' + self.workspace.UID()),
)
def test_copying_workspace_clears_roster(self):
cookie = self.portal.manage_copyObjects(ids=('a-workspace',))
self.portal.manage_pasteObjects(cookie)
self.assertTrue('copy_of_a-workspace' in self.portal)
workspace = self.portal['copy_of_a-workspace']
self.assertEqual(len(workspace._team), 0)
self.assertEqual(workspace._counters['members'](), 0)
def test_add_guest_to_team(self):
self.ws.add_to_team(
user=self.user1.getId(), groups=['Guests']
)
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_guest_has_no_team_member_role(self):
self.ws.add_to_team(
user=self.user1.getId(), groups=['Guests']
)
pmt = api.portal.get_tool('portal_membership')
member = pmt.getMemberById(self.user1.getId())
roles = member.getRolesInContext(self.workspace)
self.assertIn('TeamGuest', roles)
self.assertNotIn('TeamMember', roles)
def test_creating_and_removing_plone_groups_is_possible(self):
test_group_id = 'My workspace testers'
self.assertIsNone(api.group.get(test_group_id))
api.group.create(test_group_id)
group = api.group.get(test_group_id)
self.assertEquals(group.getId(), test_group_id)
api.group.delete(test_group_id)
self.assertIsNone(api.group.get(test_group_id))
def test_update_membership_groups(self):
''' Test that calling _update_groups will always add
the Members group, unless the user is also in the Guests group
'''
self.assertNotIn('TeamMember', self._get_roles_in_workspace())
# Adding the user to the workspace will grant the TeamMember role
membership = self.ws.add_to_team(user=self.user1.getId())
self.assertIn('TeamMember', self._get_roles_in_workspace())
# groups should be untouched
old = set()
new = set()
membership._update_groups(old, new)
self.assertIn('TeamMember', self._get_roles_in_workspace())
# groups should be untouched because user is already a member
old = set()
new = set(['Members'])
membership._update_groups(old, new)
self.assertIn('TeamMember', self._get_roles_in_workspace())
# Removing the automatic group will not actually remove it
# because it is an automatic group
old = set(['Members'])
new = set()
membership._update_groups(old, new)
self.assertIn('TeamMember', self._get_roles_in_workspace())
# Removing the automatic group will have no effect
old = set(['Members'])
new = set()
membership._update_groups(old, new)
self.assertIn('TeamMember', self._get_roles_in_workspace())
# Adding the user to the Guests group will remove it from the Members
# because the condition will not be satisifed
old = set()
new = set(['Guests'])
membership._update_groups(old, new)
self.assertIn('TeamGuest', self._get_roles_in_workspace())
self.assertNotIn('TeamMember', self._get_roles_in_workspace())
def test_membership_remove_all_groups(self):
''' Test that calling _remove_all_groups does so
'''
self.assertNotIn('TeamMember', self._get_roles_in_workspace())
# Adding the user to the workspace will grant the TeamMember role
membership = self.ws.add_to_team(user=self.user1.getId())
self.assertIn('TeamMember', self._get_roles_in_workspace())
# groups should be removed
membership._remove_all_groups()
self.assertNotIn('TeamMember', self._get_roles_in_workspace())
class TeamMemberEditForm(AutoExtensibleForm, EditForm):
def __init__(self, context, request):
self.context = context
self.request = request
self.workspace = IWorkspace(self.context)
user_id = None
def publishTraverse(self, request, name):
self.user_id = name
return self
@lazy_property
def schema(self):
return self.workspace.membership_schema
def updateFields(self):
super(TeamMemberEditForm, self).updateFields()
# don't show the user field if we are editing
if self.user_id:
del self.fields['user']
@lazy_property
def ignoreContext(self):
return not bool(self.user_id)
@lazy_property
def label(self):
if self.user_id:
mtool = getToolByName(self.context, 'portal_membership')
member = mtool.getMemberById(self.user_id)
if member is not None:
return member.getProperty('fullname') or self.user_id
else:
return self.user_id
else:
return u'Add Person to Roster'
@lazy_property
def _content(self):
if not self.user_id:
return self.context
workspace = self.workspace
memberdata = workspace.members[self.user_id]
return workspace.membership_factory(workspace, memberdata)
def getContent(self):
return self._content
def validateInvariants(self, membership):
pass
@button.buttonAndHandler(u'Save')
def handleSave(self, action):
data, errors = self.extractData()
if errors:
return
if self.user_id:
membership = self.getContent()
membership.update(data)
else:
# Add new roster member
membership = self.workspace.add_to_team(**data)
try:
self.validateInvariants(membership)
except ActionExecutionError:
# make sure above changes won't be persisted
transaction.abort()
raise
self._finished = True
@property
def can_remove(self):
return self.user_id
@button.buttonAndHandler(u'Remove', condition=lambda self: self.can_remove)
def handleRemove(self, action):
membership = self.getContent()
membership.remove_from_team()
self._finished = True
_finished = False
def render(self):
if self._finished:
return ' '
return super(TeamMemberEditForm, self).render()
class TestWorkspace(unittest.TestCase):
layer = COLLECTIVE_WORKSPACE_INTEGRATION_TESTING
def setUp(self):
self.app = self.layer["app"]
self.portal = self.layer["portal"]
self.request = self.layer["request"]
zope.login(self.app["acl_users"], SITE_OWNER_NAME)
self.user1 = api.user.create(
email="*****@*****.**", username="******", password="******"
)
self.workspace = api.content.create(
container=self.portal, type="Workspace", id="a-workspace"
)
self.ws = IWorkspace(self.workspace)
def _get_roles_in_workspace(self):
pmt = api.portal.get_tool("portal_membership")
member = pmt.getMemberById(self.user1.getId())
return member.getRolesInContext(self.workspace)
def test_adding_workspace_creates_groups(self):
group = self.portal.portal_groups.getGroupById("Admins:" + self.workspace.UID())
self.assertIsNotNone(group)
def test_renaming_workspace_updates_group_titles(self):
self.workspace.setTitle("new title")
from zope.lifecycleevent import modified
modified(self.workspace)
group = self.portal.portal_groups.getGroupById("Admins:" + self.workspace.UID())
self.assertEqual(group.getProperty("title"), "Admins: new title")
def test_removing_workspace_removes_groups(self):
self.portal.manage_delObjects(["a-workspace"])
group = self.portal.portal_groups.getGroupById("Admins:" + self.workspace.UID())
self.assertIsNone(group)
def test_add_to_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_adding_team_member_updates_groups(self):
self.ws.add_to_team(
user=self.user1.getId(), groups=(u"Admins",),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
"Members:" + self.workspace.UID()
),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers("Admins:" + self.workspace.UID()),
)
def test_updating_team_member_updates_groups(self):
self.ws.add_to_team(user=self.user1.getId())
self.ws[self.user1.getId()].update({"groups": set([u"Admins"])})
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
"Members:" + self.workspace.UID()
),
)
self.assertIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers("Admins:" + self.workspace.UID()),
)
def test_direct_set_of_membership_property_is_blocked(self):
self.ws.add_to_team(user=self.user1.getId())
try:
self.ws[self.user1.getId()].position = u"Tester"
except Exception as e:
self.assertEqual(
str(e),
"Setting membership properties directly is not supported. "
"Use the `update` method instead.",
)
else:
self.fail("Expected exception")
def test_local_role_team_member(self):
self.ws.add_to_team(user=self.user1.getId())
self.assertIn("TeamMember", self._get_roles_in_workspace())
def test_remove_from_team(self):
self.ws.add_to_team(user=self.user1.getId())
self.ws.remove_from_team(user=self.user1.getId())
self.assertNotIn(self.user1.getId(), list(self.ws.members))
def test_removing_team_member_updates_groups(self):
self.ws.add_to_team(
user=self.user1.getId(), groups=(u"Admins",),
)
self.ws.remove_from_team(user=self.user1.getId())
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers(
"Members:" + self.workspace.UID()
),
)
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers("Admins:" + self.workspace.UID()),
)
def test_reparent_team_member(self):
self.ws.add_to_team(
user=self.user1.getId(), groups=(u"Admins",),
)
user2 = api.user.create(
email="*****@*****.**", username="******", password="******"
)
self.ws[self.user1.getId()].update({"user": user2.getId()})
self.assertNotIn(self.user1.getId(), self.workspace._team)
self.assertIn(user2.getId(), self.workspace._team)
self.assertEqual(self.ws[user2.getId()].user, user2.getId())
self.assertNotIn(
self.user1.getId(),
self.portal.portal_groups.getGroupMembers("Admins:" + self.workspace.UID()),
)
self.assertIn(
user2.getId(),
self.portal.portal_groups.getGroupMembers("Admins:" + self.workspace.UID()),
)
def test_removing_user_removes_workspace_memberships(self):
userid = self.user1.getId()
self.ws.add_to_team(user=userid)
self.assertIn(userid, self.ws.members)
api.user.delete(userid)
self.assertNotIn(userid, self.ws.members)
self.assertNotIn(
userid,
self.portal.portal_groups.getGroupMembers(
"Members:" + self.workspace.UID()
),
)
def test_copying_workspace_clears_roster(self):
cookie = self.portal.manage_copyObjects(ids=("a-workspace",))
self.portal.manage_pasteObjects(cookie)
self.assertTrue("copy_of_a-workspace" in self.portal)
workspace = self.portal["copy_of_a-workspace"]
self.assertEqual(len(workspace._team), 0)
self.assertEqual(workspace._counters["members"](), 0)
def test_add_guest_to_team(self):
self.ws.add_to_team(user=self.user1.getId(), groups=["Guests"])
self.assertIn(self.user1.getId(), list(self.ws.members))
def test_guest_has_no_team_member_role(self):
self.ws.add_to_team(user=self.user1.getId(), groups=["Guests"])
pmt = api.portal.get_tool("portal_membership")
member = pmt.getMemberById(self.user1.getId())
roles = member.getRolesInContext(self.workspace)
self.assertIn("TeamGuest", roles)
self.assertNotIn("TeamMember", roles)
def test_creating_and_removing_plone_groups_is_possible(self):
test_group_id = "My workspace testers"
self.assertIsNone(api.group.get(test_group_id))
api.group.create(test_group_id)
group = api.group.get(test_group_id)
self.assertEquals(group.getId(), test_group_id)
api.group.delete(test_group_id)
self.assertIsNone(api.group.get(test_group_id))
def test_update_membership_groups(self):
""" Test that calling _update_groups will always add
the Members group, unless the user is also in the Guests group
"""
self.assertNotIn("TeamMember", self._get_roles_in_workspace())
# Adding the user to the workspace will grant the TeamMember role
membership = self.ws.add_to_team(user=self.user1.getId())
self.assertIn("TeamMember", self._get_roles_in_workspace())
# groups should be untouched
old = set()
new = set()
membership._update_groups(old, new)
self.assertIn("TeamMember", self._get_roles_in_workspace())
# groups should be untouched because user is already a member
old = set()
new = set(["Members"])
membership._update_groups(old, new)
self.assertIn("TeamMember", self._get_roles_in_workspace())
# Removing the automatic group will not actually remove it
# because it is an automatic group
old = set(["Members"])
new = set()
membership._update_groups(old, new)
self.assertIn("TeamMember", self._get_roles_in_workspace())
# Removing the automatic group will have no effect
old = set(["Members"])
new = set()
membership._update_groups(old, new)
self.assertIn("TeamMember", self._get_roles_in_workspace())
# Adding the user to the Guests group will remove it from the Members
# because the condition will not be satisifed
old = set()
new = set(["Guests"])
membership._update_groups(old, new)
self.assertIn("TeamGuest", self._get_roles_in_workspace())
self.assertNotIn("TeamMember", self._get_roles_in_workspace())
def test_membership_remove_all_groups(self):
""" Test that calling _remove_all_groups does so
"""
self.assertNotIn("TeamMember", self._get_roles_in_workspace())
# Adding the user to the workspace will grant the TeamMember role
membership = self.ws.add_to_team(user=self.user1.getId())
self.assertIn("TeamMember", self._get_roles_in_workspace())
# groups should be removed
membership._remove_all_groups()
self.assertNotIn("TeamMember", self._get_roles_in_workspace())
