def testPermissions(self): for content in self.demo_instances: self.assertTrue(checkPerm(permissions.View, content)) self.assertTrue( checkPerm(permissions.AccessContentsInformation, content)) self.assertTrue( checkPerm(permissions.ModifyPortalContent, content))
def test_view_comments(self): """Make sure published comments can be viewed by everyone. """ # Owner is allowed # self.login(default_user) # self.assertTrue(checkPerm(View, self.doc)) # Member is allowed login(self.portal, TEST_USER_NAME) workflow = self.portal.portal_workflow workflow.doActionFor(self.doc, 'publish') login(self.portal, 'member') self.assertTrue(checkPerm(View, self.comment)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(View, self.comment)) # Anonymous is allowed logout() self.assertTrue(checkPerm(View, self.comment)) # Editor is allowed login(self.portal, 'editor') self.assertTrue(checkPerm(View, self.comment)) # Reader is allowed login(self.portal, 'reader') self.assertTrue(checkPerm(View, self.comment))
def testPermissions(self): for content in self.demo_instances: # XXX: Strangely enough we have correct permissions here, but not so # in initializeArchetype self.failUnless(checkPerm(permissions.View, content)) self.failUnless(checkPerm(permissions.AccessContentsInformation, content)) self.failUnless(checkPerm(permissions.ModifyPortalContent, content))
def test_view_comments(self): """Make sure published comments can be viewed by everyone. """ # Owner is allowed # self.login(default_user) # self.assertTrue(checkPerm(View, self.doc)) # Member is allowed login(self.portal, TEST_USER_NAME) workflow = self.portal.portal_workflow workflow.doActionFor(self.doc, 'publish') login(self.portal, 'member') self.assertTrue(checkPerm(View, self.comment)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(View, self.comment)) # Anonymous is allowed logout() self.assertTrue(checkPerm(View, self.comment)) # Editor is allowed login(self.portal, 'editor') self.assertTrue(checkPerm(View, self.comment)) # Reader is allowed login(self.portal, 'reader') self.assertTrue(checkPerm(View, self.comment))
def testPermissions(self): for content in self.demo_instances: self.assertTrue(checkPerm(permissions.View, content)) self.assertTrue( checkPerm(permissions.AccessContentsInformation, content)) self.assertTrue(checkPerm(permissions.ModifyPortalContent, content))
def testAutoPublishMemberposting(self): self.login('member') self.failUnless(checkPerm(permissions.ApproveComment, self.forum)) self.failUnless(checkPerm(permissions.ApproveComment, self.conv)) self.failUnless(checkPerm(permissions.ApproveComment, self.comment)) self.assertEqual(self.workflow.getInfoFor(self.forum, 'review_state'), 'memberposting') self.assertEqual(self.workflow.getInfoFor(self.conv, 'review_state'), 'active') self.assertEqual(self.workflow.getInfoFor(self.comment, 'review_state'), 'published')
def test_publish_comment_on_private_content_does_not_make_comment_visible_to_world(self): logout() self.assertFalse(checkPerm(View, self.comment)) # publish comment and check again login(self.portal, TEST_USER_NAME) workflow = self.portal.portal_workflow workflow.doActionFor(self.comment, 'publish') logout() self.assertFalse(checkPerm(View, self.comment))
def test_publish_comment_on_private_content_not_visible_to_world(self): logout() self.assertFalse(checkPerm(View, self.comment)) # publish comment and check again login(self.portal, TEST_USER_NAME) workflow = self.portal.portal_workflow workflow.doActionFor(self.comment, 'publish') logout() self.assertFalse(checkPerm(View, self.comment))
def testCommentEditing(self): self.login('manager') conv = self.forum.addConversation('conv2', 'conv2 body') self.failUnless(checkPerm(permissions.EditComment, self.comment)) self.logout() self.login('member2') self.failIf(checkPerm(permissions.EditComment, self.comment))
def testCommentEditing(self): self.login('manager') conv = self.forum.addConversation('conv2', 'conv2 body') self.failUnless(checkPerm(permissions.EditComment, self.comment)) self.logout() self.login('member2') self.failIf(checkPerm(permissions.EditComment, self.comment))
def testViewVisibleFolder(self): # Owner is allowed self.assertTrue(checkPerm(View, self.dir)) # Member is allowed self.login('member') self.assertTrue(checkPerm(View, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(View, self.dir)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(View, self.dir))
def testListVisibleFolderContents(self): # Owner is allowed self.failUnless(checkPerm(ListFolderContents, self.dir)) # Member is denied self.login('member') self.failIf(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied self.logout() self.failIf(checkPerm(ListFolderContents, self.dir))
def testModifyVisibleEvent(self): # Owner is allowed self.failUnless(checkPerm(ChangeEvents, self.ev)) # Member is denied self.login('member') self.failIf(checkPerm(ChangeEvents, self.ev)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ChangeEvents, self.ev)) # Anonymous is denied self.logout() self.failIf(checkPerm(ChangeEvents, self.ev))
def testModifyVisibleEvent(self): # Owner is allowed self.assertTrue(checkPerm(ChangeEvents, self.ni)) # Member is denied self.login('member') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ChangeEvents, self.ni))
def testViewVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(View, self.doc)) # Member is allowed self.login("member") self.failUnless(checkPerm(View, self.doc)) # Reviewer is allowed self.login("reviewer") self.failUnless(checkPerm(View, self.doc)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(View, self.doc))
def test_modify_permission_new_state(self): perm = 'Modify portal content' self.user('Manager') self.assertTrue(checkPerm(perm, self.reg)) self.user('Editor') self.assertTrue(checkPerm(perm, self.reg)) self.user('Member') self.assertFalse(checkPerm(perm, self.reg)) self.user('Owner') self.assertTrue(checkPerm(perm, self.reg)) logout() self.assertFalse(checkPerm(perm, self.reg))
def test_view_permission_new_state(self): perm = 'View' self.user('Manager') self.assertTrue(checkPerm(perm, self.reg)) self.user('Editor') self.assertTrue(checkPerm(perm, self.reg)) self.user('Member') self.assertFalse(checkPerm(perm, self.reg)) self.user('Owner') self.assertTrue(checkPerm(perm, self.reg)) logout() self.assertFalse(checkPerm(perm, self.reg))
def testAccessVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed self.login("member") self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login("reviewer") self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(AccessContentsInformation, self.doc))
def testModifyVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login("member") self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is denied self.login("reviewer") self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.failIf(checkPerm(ModifyPortalContent, self.doc))
def testViewVisibleFolder(self): # Owner is allowed self.failUnless(checkPerm(View, self.dir)) # Member is allowed self.login('member') self.failUnless(checkPerm(View, self.dir)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(View, self.dir)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(View, self.dir))
def testModifyVisibleEvent(self): # Owner is allowed self.assertTrue(checkPerm(ChangeEvents, self.ni)) # Member is denied self.login('member') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ChangeEvents, self.ni))
def testModifyVisibleEvent(self): # Owner is allowed self.failUnless(checkPerm(ChangeEvents, self.ev)) # Member is denied self.login('member') self.failIf(checkPerm(ChangeEvents, self.ev)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ChangeEvents, self.ev)) # Anonymous is denied self.logout() self.failIf(checkPerm(ChangeEvents, self.ev))
def testViewVisibleFolder(self): # Owner is allowed self.assertTrue(checkPerm(View, self.dir)) # Member is allowed login(self.portal, 'member') self.assertTrue(checkPerm(View, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(View, self.dir)) # Anonymous is allowed logout() self.assertTrue(checkPerm(View, self.dir))
def testAccessVisibleFolderContents(self): # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Member is allowed login(self.portal, 'member') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Anonymous is allowed logout() self.assertTrue(checkPerm(AccessContentsInformation, self.dir))
def testAccessVisibleDocument(self): # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed self.login('member') self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(AccessContentsInformation, self.doc))
def testViewVisibleDocument(self): # Owner is allowed self.assertTrue(checkPerm(View, self.doc)) # Member is allowed self.login('member') self.assertTrue(checkPerm(View, self.doc)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(View, self.doc)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(View, self.doc))
def testAccessVisibleFolderContents(self): # Owner is allowed self.failUnless(checkPerm(AccessContentsInformation, self.dir)) # Member is allowed self.login('member') self.failUnless(checkPerm(AccessContentsInformation, self.dir)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(AccessContentsInformation, self.dir)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(AccessContentsInformation, self.dir))
def testListVisibleFolderContents(self): # Owner is allowed self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Member is denied login(self.portal, 'member') self.assertFalse(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied logout() self.assertFalse(checkPerm(ListFolderContents, self.dir))
def testModifyVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.failIf(checkPerm(ModifyPortalContent, self.doc))
def testListVisibleFolderContents(self): # Owner is allowed self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Member is denied self.login('member') self.assertFalse(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ListFolderContents, self.dir))
def testAccessVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed self.login('member') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(AccessContentsInformation, self.doc))
def testAccessVisibleFolderContents(self): # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Member is allowed self.login('member') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(AccessContentsInformation, self.dir))
def testViewVisibleDocument(self): # Owner is allowed self.failUnless(checkPerm(View, self.doc)) # Member is allowed self.login('member') self.failUnless(checkPerm(View, self.doc)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(View, self.doc)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(View, self.doc))
def testModifyVisibleDocument(self): # Owner is allowed self.assertTrue(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ModifyPortalContent, self.doc))
def testAccessPrivateDocument(self): self.workflow.doActionFor(self.doc, 'hide') # Owner is allowed self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Member is denied self.login('member') self.failIf(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is denied self.logout() self.failIf(checkPerm(AccessContentsInformation, self.doc))
def testModifyPrivateDocument(self): self.workflow.doActionFor(self.doc, 'hide') # Owner is allowed self.assertTrue(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ModifyPortalContent, self.doc))
def testViewPendingDocument(self): self.workflow.doActionFor(self.doc, 'submit') # Owner is allowed self.assertTrue(checkPerm(View, self.doc)) # Member is allowed (TODO:?) self.login('member') self.assertTrue(checkPerm(View, self.doc)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(View, self.doc)) # Anonymous is allowed (TODO:?) self.logout() self.assertTrue(checkPerm(View, self.doc))
def testListPrivateFolderContents(self): self.workflow.doActionFor(self.dir, 'hide') # Owner is allowed self.failUnless(checkPerm(ListFolderContents, self.dir)) # Member is denied self.login('member') self.failIf(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied self.logout() self.failIf(checkPerm(ListFolderContents, self.dir))
def testModifyPendingEvent(self): self.workflow.doActionFor(self.ni, 'submit') # Owner is denied self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Member is denied self.login('member') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(ChangeEvents, self.ni)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ChangeEvents, self.ni))
def testViewPrivateFolder(self): self.workflow.doActionFor(self.dir, 'hide') # Owner is allowed self.assertTrue(checkPerm(View, self.dir)) # Member is denied self.login('member') self.assertFalse(checkPerm(View, self.dir)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(View, self.dir)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(View, self.dir))
def testAccessPendingDocument(self): self.workflow.doActionFor(self.doc, 'submit') # Owner is allowed self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed (TODO:?) self.login('member') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed (TODO:?) self.logout() self.failUnless(checkPerm(AccessContentsInformation, self.doc))
def testModifyPendingDocument(self): self.workflow.doActionFor(self.doc, 'submit') # Owner is denied self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.assertFalse(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ModifyPortalContent, self.doc))
def testAccessPendingDocument(self): self.workflow.doActionFor(self.doc, 'submit') # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed (TODO:?) self.login('member') self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed (TODO:?) self.logout() self.assertTrue(checkPerm(AccessContentsInformation, self.doc))
def testModifyPendingEvent(self): self.workflow.doActionFor(self.ev, 'submit') # Owner is denied self.failIf(checkPerm(ChangeEvents, self.ev)) # Member is denied self.login('member') self.failIf(checkPerm(ChangeEvents, self.ev)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(ChangeEvents, self.ev)) # Anonymous is denied self.logout() self.failIf(checkPerm(ChangeEvents, self.ev))
def testListPublishedFolderContents(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Member is denied self.login('member') self.assertFalse(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ListFolderContents, self.dir))
def testModifyPendingDocument(self): self.workflow.doActionFor(self.doc, 'submit') # Owner is denied self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.failIf(checkPerm(ModifyPortalContent, self.doc))
def testAccessPublishedFolderContents(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Member is allowed self.login('member') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(AccessContentsInformation, self.dir))
def testModifyPendingEvent(self): self.workflow.doActionFor(self.ni, 'submit') # Owner is denied self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Member is denied self.login('member') self.assertFalse(checkPerm(ChangeEvents, self.ni)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(ChangeEvents, self.ni)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(ChangeEvents, self.ni))
def testModifyPublishedFolderContents(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.failUnless(checkPerm(ModifyPortalContent, self.dir)) # Member is denied self.login('member') self.failIf(checkPerm(ModifyPortalContent, self.dir)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ModifyPortalContent, self.dir)) # Anonymous is denied self.logout() self.failIf(checkPerm(ModifyPortalContent, self.dir))
def testAccessPrivateDocument(self): self.workflow.doActionFor(self.doc, 'hide') # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.doc)) # Member is denied self.login('member') self.assertFalse(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is denied self.login('reviewer') self.assertFalse(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is denied self.logout() self.assertFalse(checkPerm(AccessContentsInformation, self.doc))
def testListPublishedFolderContents(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Member is denied login(self.portal, 'member') self.assertFalse(checkPerm(ListFolderContents, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(ListFolderContents, self.dir)) # Anonymous is denied logout() self.assertFalse(checkPerm(ListFolderContents, self.dir))
def testViewPublishedFolder(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(View, self.dir)) # Member is allowed self.login('member') self.assertTrue(checkPerm(View, self.dir)) # Reviewer is allowed self.login('reviewer') self.assertTrue(checkPerm(View, self.dir)) # Anonymous is allowed self.logout() self.assertTrue(checkPerm(View, self.dir))
def testModifyPrivateFolderContents(self): self.workflow.doActionFor(self.dir, 'hide') # Owner is allowed self.assertTrue(checkPerm(ModifyPortalContent, self.dir)) # Member is denied login(self.portal, 'member') self.assertFalse(checkPerm(ModifyPortalContent, self.dir)) # Reviewer is denied login(self.portal, 'reviewer') self.assertFalse(checkPerm(ModifyPortalContent, self.dir)) # Anonymous is denied logout() self.assertFalse(checkPerm(ModifyPortalContent, self.dir))
def testAccessPublishedFolderContents(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Member is allowed login(self.portal, 'member') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(AccessContentsInformation, self.dir)) # Anonymous is allowed logout() self.assertTrue(checkPerm(AccessContentsInformation, self.dir))
def testViewPublishedFolder(self): self.workflow.doActionFor(self.dir, 'publish') # Owner is allowed self.assertTrue(checkPerm(View, self.dir)) # Member is allowed login(self.portal, 'member') self.assertTrue(checkPerm(View, self.dir)) # Reviewer is allowed login(self.portal, 'reviewer') self.assertTrue(checkPerm(View, self.dir)) # Anonymous is allowed logout() self.assertTrue(checkPerm(View, self.dir))
def testAutoPublishMemberposting(self): self.login('member') self.failUnless(checkPerm(permissions.ApproveComment, self.forum)) self.failUnless(checkPerm(permissions.ApproveComment, self.conv)) self.failUnless(checkPerm(permissions.ApproveComment, self.comment)) self.assertEqual(self.workflow.getInfoFor(self.forum, 'review_state'), 'memberposting') self.assertEqual(self.workflow.getInfoFor(self.conv, 'review_state'), 'active') self.assertEqual( self.workflow.getInfoFor(self.comment, 'review_state'), 'published')
def testAccessPublishedDocument(self): self.login('reviewer') self.workflow.doActionFor(self.doc, 'publish') # Owner is allowed self.login(default_user) self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Member is allowed self.login('member') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Reviewer is allowed self.login('reviewer') self.failUnless(checkPerm(AccessContentsInformation, self.doc)) # Anonymous is allowed self.logout() self.failUnless(checkPerm(AccessContentsInformation, self.doc))
def testModifyPublishedDocument(self): self.login('reviewer') self.workflow.doActionFor(self.doc, 'publish') # Owner is denied self.login(default_user) self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Member is denied self.login('member') self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ModifyPortalContent, self.doc)) # Anonymous is denied self.logout() self.failIf(checkPerm(ModifyPortalContent, self.doc))
def testModifyPublishedEvent(self): self.login('reviewer') self.workflow.doActionFor(self.ev, 'publish') # Owner is denied self.login(default_user) self.failIf(checkPerm(ChangeEvents, self.ev)) # Member is denied self.login('member') self.failIf(checkPerm(ChangeEvents, self.ev)) # Reviewer is denied self.login('reviewer') self.failIf(checkPerm(ChangeEvents, self.ev)) # Anonymous is denied self.logout() self.failIf(checkPerm(ChangeEvents, self.ev))