435 lines
24 KiB
Python
435 lines
24 KiB
Python
|
# -*- coding: utf-8 -*-
|
||
|
# Part of Odoo. See LICENSE file for full copyright and licensing details.
|
||
|
|
||
|
from odoo import Command
|
||
|
from odoo.osv import expression
|
||
|
from odoo.exceptions import AccessError
|
||
|
from odoo.tools import mute_logger
|
||
|
from odoo.tests import tagged
|
||
|
from odoo.tests.common import Form
|
||
|
|
||
|
from .test_project_base import TestProjectCommon
|
||
|
|
||
|
|
||
|
class TestProjectSharingCommon(TestProjectCommon):
|
||
|
|
||
|
@classmethod
|
||
|
def setUpClass(cls):
|
||
|
super().setUpClass()
|
||
|
|
||
|
project_sharing_stages_vals_list = [
|
||
|
(0, 0, {'name': 'To Do', 'sequence': 1}),
|
||
|
(0, 0, {'name': 'Done', 'sequence': 10, 'fold': True, 'rating_template_id': cls.env.ref('project.rating_project_request_email_template').id}),
|
||
|
]
|
||
|
|
||
|
cls.partner_portal = cls.env['res.partner'].create({
|
||
|
'name': 'Chell Gladys',
|
||
|
'email': 'chell@gladys.portal',
|
||
|
'company_id': False,
|
||
|
'user_ids': [Command.link(cls.user_portal.id)]})
|
||
|
|
||
|
cls.project_cows = cls.env['project.project'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'Cows',
|
||
|
'privacy_visibility': 'portal',
|
||
|
'alias_name': 'project+cows',
|
||
|
'type_ids': project_sharing_stages_vals_list,
|
||
|
})
|
||
|
cls.project_portal = cls.env['project.project'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'Portal',
|
||
|
'privacy_visibility': 'portal',
|
||
|
'alias_name': 'project+portal',
|
||
|
'partner_id': cls.user_portal.partner_id.id,
|
||
|
'type_ids': project_sharing_stages_vals_list,
|
||
|
})
|
||
|
cls.project_portal.message_subscribe(partner_ids=[cls.partner_portal.id])
|
||
|
|
||
|
cls.project_no_collabo = cls.env['project.project'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'No Collabo',
|
||
|
'privacy_visibility': 'followers',
|
||
|
'alias_name': 'project+nocollabo',
|
||
|
})
|
||
|
|
||
|
cls.task_cow = cls.env['project.task'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'Cow UserTask',
|
||
|
'user_ids': cls.user_projectuser,
|
||
|
'project_id': cls.project_cows.id,
|
||
|
})
|
||
|
cls.task_portal = cls.env['project.task'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'Portal UserTask',
|
||
|
'user_ids': cls.user_projectuser,
|
||
|
'project_id': cls.project_portal.id,
|
||
|
})
|
||
|
cls.task_no_collabo = cls.env['project.task'].with_context({'mail_create_nolog': True}).create({
|
||
|
'name': 'No Collabo Task',
|
||
|
'project_id': cls.project_no_collabo.id,
|
||
|
})
|
||
|
|
||
|
cls.task_tag = cls.env['project.tags'].create({'name': 'Foo'})
|
||
|
|
||
|
cls.project_sharing_form_view_xml_id = 'project.project_sharing_project_task_view_form'
|
||
|
|
||
|
def get_project_sharing_form_view(self, record, with_user=None):
|
||
|
return Form(
|
||
|
record.with_user(with_user or self.env.user),
|
||
|
view=self.project_sharing_form_view_xml_id
|
||
|
)
|
||
|
|
||
|
@tagged('project_sharing')
|
||
|
class TestProjectSharing(TestProjectSharingCommon):
|
||
|
|
||
|
def test_project_share_wizard(self):
|
||
|
""" Test Project Share Wizard
|
||
|
|
||
|
Test Cases:
|
||
|
==========
|
||
|
1) Create the wizard record
|
||
|
2) Check if no access rights are given to a portal user
|
||
|
3) Add access rights to a portal user
|
||
|
"""
|
||
|
project_share_wizard = self.env['project.share.wizard'].create({
|
||
|
'res_model': 'project.project',
|
||
|
'res_id': self.project_portal.id,
|
||
|
'access_mode': 'edit',
|
||
|
})
|
||
|
self.assertFalse(project_share_wizard.partner_ids, 'No collaborator should be in the wizard.')
|
||
|
self.assertFalse(self.project_portal.with_user(self.user_portal)._check_project_sharing_access(), 'The portal user should not have accessed in project sharing views.')
|
||
|
project_share_wizard.write({'partner_ids': [Command.link(self.user_portal.partner_id.id)]})
|
||
|
project_share_wizard.action_send_mail()
|
||
|
self.assertEqual(len(self.project_portal.collaborator_ids), 1, 'The access right added in project share wizard should be added in the project when the user confirm the access in the wizard.')
|
||
|
self.assertDictEqual({
|
||
|
'partner_id': self.project_portal.collaborator_ids.partner_id,
|
||
|
'project_id': self.project_portal.collaborator_ids.project_id,
|
||
|
}, {
|
||
|
'partner_id': self.user_portal.partner_id,
|
||
|
'project_id': self.project_portal,
|
||
|
}, 'The access rights added should be the read access for the portal project for Chell Gladys.')
|
||
|
self.assertTrue(self.project_portal.with_user(self.user_portal)._check_project_sharing_access(), 'The portal user should have read access to the portal project with project sharing feature.')
|
||
|
|
||
|
def test_project_sharing_access(self):
|
||
|
""" Check if the different user types can access to project sharing feature as expected. """
|
||
|
with self.assertRaises(AccessError, msg='The public user should not have any access to project sharing feature of the portal project.'):
|
||
|
self.project_portal.with_user(self.user_public)._check_project_sharing_access()
|
||
|
self.assertTrue(self.project_portal.with_user(self.user_projectuser)._check_project_sharing_access(), 'The internal user should have all accesses to project sharing feature of the portal project.')
|
||
|
self.assertFalse(self.project_portal.with_user(self.user_portal)._check_project_sharing_access(), 'The portal user should not have any access to project sharing feature of the portal project.')
|
||
|
self.project_portal.write({'collaborator_ids': [Command.create({'partner_id': self.user_portal.partner_id.id})]})
|
||
|
self.assertTrue(self.project_portal.with_user(self.user_portal)._check_project_sharing_access(), 'The portal user can access to project sharing feature of the portal project.')
|
||
|
|
||
|
@mute_logger('odoo.addons.base.models.ir_model', 'odoo.addons.base.models.ir_rule')
|
||
|
def test_create_task_in_project_sharing(self):
|
||
|
""" Test when portal user creates a task in project sharing views.
|
||
|
|
||
|
Test Cases:
|
||
|
==========
|
||
|
1) Give the 'read' access mode to a portal user in a project and try to create task with this user.
|
||
|
2) Give the 'comment' access mode to a portal user in a project and try to create task with this user.
|
||
|
3) Give the 'edit' access mode to a portal user in a project and try to create task with this user.
|
||
|
3.1) Try to change the project of the new task with this user.
|
||
|
"""
|
||
|
Task = self.env['project.task'].with_context({'tracking_disable': True, 'default_project_id': self.project_portal.id, 'default_user_ids': [(4, self.user_portal.id)]})
|
||
|
# 1) Give the 'read' access mode to a portal user in a project and try to create task with this user.
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user create a task in the project when he has not the edit access right."):
|
||
|
with self.get_project_sharing_form_view(Task, self.user_portal) as form:
|
||
|
form.name = 'Test'
|
||
|
task = form.save()
|
||
|
|
||
|
self.project_portal.write({
|
||
|
'collaborator_ids': [
|
||
|
Command.create({'partner_id': self.user_portal.partner_id.id}),
|
||
|
],
|
||
|
})
|
||
|
with self.get_project_sharing_form_view(Task, self.user_portal) as form:
|
||
|
form.name = 'Test'
|
||
|
with form.child_ids.new() as subtask_form:
|
||
|
subtask_form.name = 'Test Subtask'
|
||
|
task = form.save()
|
||
|
self.assertEqual(task.name, 'Test')
|
||
|
self.assertEqual(task.project_id, self.project_portal)
|
||
|
self.assertFalse(task.portal_user_names)
|
||
|
|
||
|
# Check creating a sub-task while creating the parent task works as expected.
|
||
|
self.assertEqual(task.child_ids.name, 'Test Subtask')
|
||
|
self.assertEqual(task.child_ids.project_id, self.project_portal)
|
||
|
self.assertFalse(task.child_ids.portal_user_names, 'by default no user should be assigned to a subtask created by the portal user.')
|
||
|
self.assertFalse(task.child_ids.user_ids, 'No user should be assigned to the new subtask.')
|
||
|
|
||
|
# 3.1) Try to change the project of the new task with this user.
|
||
|
with self.assertRaises(AssertionError, msg="Should not accept the portal user changes the project of the task."):
|
||
|
form.project_id = self.project_cows
|
||
|
task = form.save()
|
||
|
|
||
|
Task = Task.with_user(self.user_portal)
|
||
|
# Create/Update a forbidden task through child_ids
|
||
|
with self.assertRaisesRegex(AccessError, "You cannot write on color"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.create({'name': 'Foo', 'color': 1})]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.update(self.task_no_collabo.id, {'name': 'Foo'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.delete(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.unlink(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.link(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.create({'name': 'foo', 'child_ids': [Command.set([self.task_no_collabo.id])]})
|
||
|
|
||
|
# Same thing but using context defaults
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.with_context(default_child_ids=[Command.update(self.task_no_collabo.id, {'name': 'Foo'})]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.with_context(default_child_ids=[Command.delete(self.task_no_collabo.id)]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.with_context(default_child_ids=[Command.unlink(self.task_no_collabo.id)]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.with_context(default_child_ids=[Command.link(self.task_no_collabo.id)]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
Task.with_context(default_child_ids=[Command.set([self.task_no_collabo.id])]).create({'name': 'foo'})
|
||
|
|
||
|
# Create/update a tag through tag_ids
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to create 'Project Tags'"):
|
||
|
Task.create({'name': 'foo', 'tag_ids': [Command.create({'name': 'Bar'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to modify 'Project Tags'"):
|
||
|
Task.create({'name': 'foo', 'tag_ids': [Command.update(self.task_tag.id, {'name': 'Bar'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to delete 'Project Tags'"):
|
||
|
Task.create({'name': 'foo', 'tag_ids': [Command.delete(self.task_tag.id)]})
|
||
|
|
||
|
# Same thing but using context defaults
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to create 'Project Tags'"):
|
||
|
Task.with_context(default_tag_ids=[Command.create({'name': 'Bar'})]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to modify 'Project Tags'"):
|
||
|
Task.with_context(default_tag_ids=[Command.update(self.task_tag.id, {'name': 'Bar'})]).create({'name': 'foo'})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to delete 'Project Tags'"):
|
||
|
Task.with_context(default_tag_ids=[Command.delete(self.task_tag.id)]).create({'name': 'foo'})
|
||
|
|
||
|
task = Task.create({'name': 'foo', 'tag_ids': [Command.link(self.task_tag.id)]})
|
||
|
self.assertEqual(task.tag_ids, self.task_tag)
|
||
|
|
||
|
Task.create({'name': 'foo', 'tag_ids': [Command.set([self.task_tag.id])]})
|
||
|
self.assertEqual(task.tag_ids, self.task_tag)
|
||
|
|
||
|
@mute_logger('odoo.addons.base.models.ir_model', 'odoo.addons.base.models.ir_rule')
|
||
|
def test_edit_task_in_project_sharing(self):
|
||
|
""" Test when portal user creates a task in project sharing views.
|
||
|
|
||
|
Test Cases:
|
||
|
==========
|
||
|
1) Give the 'read' access mode to a portal user in a project and try to edit task with this user.
|
||
|
2) Give the 'comment' access mode to a portal user in a project and try to edit task with this user.
|
||
|
3) Give the 'edit' access mode to a portal user in a project and try to create task with this user.
|
||
|
3.1) Try to change the project of the new task with this user.
|
||
|
3.2) Create a sub-task
|
||
|
3.3) Create a second sub-task
|
||
|
"""
|
||
|
# 1) Give the 'read' access mode to a portal user in a project and try to create task with this user.
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user create a task in the project when he has not the edit access right."):
|
||
|
with self.get_project_sharing_form_view(self.task_cow.with_context({'tracking_disable': True, 'default_project_id': self.project_cows.id}), self.user_portal) as form:
|
||
|
form.name = 'Test'
|
||
|
task = form.save()
|
||
|
|
||
|
project_share_wizard = self.env['project.share.wizard'].create({
|
||
|
'access_mode': 'edit',
|
||
|
'res_model': 'project.project',
|
||
|
'res_id': self.project_cows.id,
|
||
|
'partner_ids': [
|
||
|
Command.link(self.user_portal.partner_id.id),
|
||
|
],
|
||
|
})
|
||
|
project_share_wizard.action_send_mail()
|
||
|
|
||
|
with self.get_project_sharing_form_view(self.task_cow.with_context({'tracking_disable': True, 'default_project_id': self.project_cows.id, 'uid': self.user_portal.id}), self.user_portal) as form:
|
||
|
form.name = 'Test'
|
||
|
task = form.save()
|
||
|
self.assertEqual(task.name, 'Test')
|
||
|
self.assertEqual(task.project_id, self.project_cows)
|
||
|
|
||
|
# 3.1) Try to change the project of the new task with this user.
|
||
|
with self.assertRaises(AssertionError, msg="Should not accept the portal user changes the project of the task."):
|
||
|
with self.get_project_sharing_form_view(task, self.user_portal) as form:
|
||
|
form.project_id = self.project_portal
|
||
|
|
||
|
# 3.2) Create a sub-task
|
||
|
with self.get_project_sharing_form_view(task, self.user_portal) as form:
|
||
|
with form.child_ids.new() as subtask_form:
|
||
|
subtask_form.name = 'Test Subtask'
|
||
|
with self.assertRaises(AssertionError, msg="Should not accept the portal user changes the project of the task."):
|
||
|
subtask_form.project_id = self.project_portal
|
||
|
self.assertEqual(task.child_ids.name, 'Test Subtask')
|
||
|
self.assertEqual(task.child_ids.project_id, self.project_cows)
|
||
|
self.assertFalse(task.child_ids.portal_user_names, 'by default no user should be assigned to a subtask created by the portal user.')
|
||
|
self.assertFalse(task.child_ids.user_ids, 'No user should be assigned to the new subtask.')
|
||
|
|
||
|
task2 = self.env['project.task'] \
|
||
|
.with_context({
|
||
|
'tracking_disable': True,
|
||
|
'default_project_id': self.project_cows.id,
|
||
|
'default_user_ids': [Command.set(self.user_portal.ids)],
|
||
|
}) \
|
||
|
.with_user(self.user_portal) \
|
||
|
.create({'name': 'Test'})
|
||
|
self.assertFalse(task2.portal_user_names, 'the portal user should not be assigned when the portal user creates a task into the project shared.')
|
||
|
|
||
|
# 3.3) Create a second sub-task
|
||
|
with self.get_project_sharing_form_view(task, self.user_portal) as form:
|
||
|
with form.child_ids.new() as subtask_form:
|
||
|
subtask_form.name = 'Test Subtask'
|
||
|
self.assertEqual(len(task.child_ids), 2, 'Check 2 subtasks has correctly been created by the user portal.')
|
||
|
|
||
|
# Create/Update a forbidden task through child_ids
|
||
|
with self.assertRaisesRegex(AccessError, "You cannot write on color"):
|
||
|
task.write({'child_ids': [Command.create({'name': 'Foo', 'color': 1})]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
task.write({'child_ids': [Command.update(self.task_no_collabo.id, {'name': 'Foo'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
task.write({'child_ids': [Command.delete(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
task.write({'child_ids': [Command.unlink(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
task.write({'child_ids': [Command.link(self.task_no_collabo.id)]})
|
||
|
with self.assertRaisesRegex(AccessError, "top-secret records"):
|
||
|
task.write({'child_ids': [Command.set([self.task_no_collabo.id])]})
|
||
|
|
||
|
# Create/update a tag through tag_ids
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to create 'Project Tags'"):
|
||
|
task.write({'tag_ids': [Command.create({'name': 'Bar'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to modify 'Project Tags'"):
|
||
|
task.write({'tag_ids': [Command.update(self.task_tag.id, {'name': 'Bar'})]})
|
||
|
with self.assertRaisesRegex(AccessError, "not allowed to delete 'Project Tags'"):
|
||
|
task.write({'tag_ids': [Command.delete(self.task_tag.id)]})
|
||
|
|
||
|
task.write({'tag_ids': [Command.link(self.task_tag.id)]})
|
||
|
self.assertEqual(task.tag_ids, self.task_tag)
|
||
|
|
||
|
task.write({'tag_ids': [Command.unlink(self.task_tag.id)]})
|
||
|
self.assertFalse(task.tag_ids)
|
||
|
|
||
|
task.write({'tag_ids': [Command.link(self.task_tag.id)]})
|
||
|
task.write({'tag_ids': [Command.clear()]})
|
||
|
self.assertFalse(task.tag_ids, [])
|
||
|
|
||
|
task.write({'tag_ids': [Command.set([self.task_tag.id])]})
|
||
|
self.assertEqual(task.tag_ids, self.task_tag)
|
||
|
|
||
|
|
||
|
def test_portal_user_cannot_see_all_assignees(self):
|
||
|
""" Test when the portal sees a task he cannot see all the assignees.
|
||
|
|
||
|
Because of a ir.rule in res.partner filters the assignees, the portal
|
||
|
can only see the assignees in the same company than him.
|
||
|
|
||
|
Test Cases:
|
||
|
==========
|
||
|
1) add many assignees in a task
|
||
|
2) check the portal user can read no assignee in this task. Should have an AccessError exception
|
||
|
"""
|
||
|
self.task_cow.write({'user_ids': [Command.link(self.user_projectmanager.id)]})
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user to access to a task he does not follow it and its project."):
|
||
|
self.task_cow.with_user(self.user_portal).read(['portal_user_names'])
|
||
|
self.assertEqual(len(self.task_cow.user_ids), 2, '2 users should be assigned in this task.')
|
||
|
|
||
|
project_share_wizard = self.env['project.share.wizard'].create({
|
||
|
'access_mode': 'edit',
|
||
|
'res_model': 'project.project',
|
||
|
'res_id': self.project_cows.id,
|
||
|
'partner_ids': [
|
||
|
Command.link(self.user_portal.partner_id.id),
|
||
|
],
|
||
|
})
|
||
|
project_share_wizard.action_send_mail()
|
||
|
|
||
|
self.assertFalse(self.task_cow.with_user(self.user_portal).user_ids, 'the portal user should see no assigness in the task.')
|
||
|
task_portal_read = self.task_cow.with_user(self.user_portal).read(['portal_user_names'])
|
||
|
self.assertEqual(self.task_cow.portal_user_names, task_portal_read[0]['portal_user_names'], 'the portal user should see assignees name in the task via the `portal_user_names` field.')
|
||
|
|
||
|
def test_portal_user_can_change_stage_with_rating(self):
|
||
|
""" Test portal user can change the stage of task to a stage with rating template email
|
||
|
|
||
|
The user should be able to change the stage and the email should be sent as expected
|
||
|
if a email template is set in `rating_template_id` field in the new stage.
|
||
|
"""
|
||
|
self.project_portal.write({
|
||
|
'rating_active': True,
|
||
|
'rating_status': 'stage',
|
||
|
'collaborator_ids': [
|
||
|
Command.create({'partner_id': self.user_portal.partner_id.id}),
|
||
|
],
|
||
|
})
|
||
|
self.task_portal.with_user(self.user_portal).write({'stage_id': self.project_portal.type_ids[-1].id})
|
||
|
|
||
|
def test_orm_method_with_true_false_domain(self):
|
||
|
""" Test orm method overriden in project for project sharing works with TRUE_LEAF/FALSE_LEAF
|
||
|
|
||
|
Test Case
|
||
|
=========
|
||
|
1) Share a project in edit mode for portal user
|
||
|
2) Search the portal task contained in the project shared by using a domain with TRUE_LEAF
|
||
|
3) Check the task is found with the `search` method
|
||
|
4) filter the task with `TRUE_DOMAIN` and check if the task is always returned by `filtered_domain` method
|
||
|
5) filter the task with `FALSE_DOMAIN` and check if no task is returned by `filtered_domain` method
|
||
|
6) Search the task with `FALSE_LEAF` and check no task is found with `search` method
|
||
|
7) Call `read_group` method with `TRUE_LEAF` in the domain and check if the task is found
|
||
|
8) Call `read_group` method with `FALSE_LEAF` in the domain and check if no task is found
|
||
|
"""
|
||
|
domain = [('id', '=', self.task_portal.id)]
|
||
|
self.project_portal.write({
|
||
|
'collaborator_ids': [Command.create({
|
||
|
'partner_id': self.user_portal.partner_id.id,
|
||
|
})],
|
||
|
})
|
||
|
task = self.env['project.task'].with_user(self.user_portal).search(
|
||
|
expression.AND([
|
||
|
expression.TRUE_DOMAIN,
|
||
|
domain,
|
||
|
])
|
||
|
)
|
||
|
self.assertTrue(task, 'The task should be found.')
|
||
|
self.assertEqual(task, task.filtered_domain(expression.TRUE_DOMAIN), 'The task found should be kept since the domain is truly')
|
||
|
self.assertFalse(task.filtered_domain(expression.FALSE_DOMAIN), 'The task should not be found since the domain is falsy')
|
||
|
task = self.env['project.task'].with_user(self.user_portal).search(
|
||
|
expression.AND([
|
||
|
expression.FALSE_DOMAIN,
|
||
|
domain,
|
||
|
]),
|
||
|
)
|
||
|
self.assertFalse(task, 'No task should be found since the domain contained a falsy tuple.')
|
||
|
|
||
|
task_read_group = self.env['project.task'].read_group(
|
||
|
expression.AND([expression.TRUE_DOMAIN, domain]),
|
||
|
['id:min'],
|
||
|
[],
|
||
|
)
|
||
|
self.assertEqual(task_read_group[0]['__count'], 1, 'The task should be found with the read_group method containing a truly tuple.')
|
||
|
self.assertEqual(task_read_group[0]['id'], self.task_portal.id, 'The task should be found with the read_group method containing a truly tuple.')
|
||
|
|
||
|
task_read_group = self.env['project.task'].read_group(
|
||
|
expression.AND([expression.FALSE_DOMAIN, domain]),
|
||
|
['id:min'],
|
||
|
[],
|
||
|
)
|
||
|
self.assertFalse(task_read_group[0]['__count'], 'No result should found with the read_group since the domain is falsy.')
|
||
|
|
||
|
def test_milestone_read_access_right(self):
|
||
|
""" This test ensures that a portal user has read access on the milestone of the project that was shared with him """
|
||
|
|
||
|
project_milestone = self.env['project.milestone'].create({
|
||
|
'name': 'Test Project Milestone',
|
||
|
'project_id': self.project_portal.id,
|
||
|
})
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user to access to a milestone if he's not a collaborator of its project."):
|
||
|
project_milestone.with_user(self.user_portal).read(['name'])
|
||
|
|
||
|
self.project_portal.write({
|
||
|
'collaborator_ids': [Command.create({
|
||
|
'partner_id': self.user_portal.partner_id.id,
|
||
|
})],
|
||
|
})
|
||
|
# Reading the milestone should no longer trigger an access error.
|
||
|
project_milestone.with_user(self.user_portal).read(['name'])
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user to update a milestone."):
|
||
|
project_milestone.with_user(self.user_portal).write(['name'])
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user to delete a milestone."):
|
||
|
project_milestone.with_user(self.user_portal).unlink()
|
||
|
with self.assertRaises(AccessError, msg="Should not accept the portal user to create a milestone."):
|
||
|
self.env['project.milestone'].with_user(self.user_portal).create({
|
||
|
'name': 'Test Project new Milestone',
|
||
|
'project_id': self.project_portal.id,
|
||
|
})
|