source: main/waeup.sirp/trunk/src/waeup/sirp/students/tests/test_dynamicroles.py @ 7188

## $Id: test_dynamicroles.py 7159 2011-11-21 10:11:07Z henrik $
## 
## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
## This program is free software; you can redistribute it and/or modify
## it under the terms of the GNU General Public License as published by
## the Free Software Foundation; either version 2 of the License, or
## (at your option) any later version.
## 
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
## GNU General Public License for more details.
## 
## You should have received a copy of the GNU General Public License
## along with this program; if not, write to the Free Software
## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
##
"""
Tests for dynamic roles concerning students and related.
"""
from zope.interface import verify
from zope.securitypolicy.interfaces import IPrincipalRoleManager
from zope.securitypolicy.settings import Allow, Deny, Unset
from zope.securitypolicy.tests.test_securitymap import TestSecurityMap
from zope.securitypolicy.tests.test_annotationprincipalrolemanager import (
    Test as APRMTest, Manageable)
from waeup.sirp.testing import FunctionalLayer
from waeup.sirp.students.tests.test_browser import StudentsFullSetup
from waeup.sirp.students import Student, StudentPrincipalRoleManager

class StudentPrincipalRoleManagerTests(APRMTest):
    # Make sure our PRM behaves like a regular one for usual cases.
    # Usual cases are ones, that do not interact with external officers.
    # See next test case for functional tests including officer perms.

    def _make_roleManager(self, obj=None):
        # Overriding this method of original testcase we make sure
        # that really a Student PRM is tested.
        if obj is None:
            #obj = Manageable()
            obj = Student()
            obj['studycourse'] = Manageable()
        return StudentPrincipalRoleManager(obj)

class StudentPrincipalRoleManagerFunctionalTests(StudentsFullSetup):

    layer = FunctionalLayer

    def setUp(self):
        super(StudentPrincipalRoleManagerFunctionalTests, self).setUp()
        self.officer_role = 'waeup.StudentsClearanceOfficer'
        # assign clearance permissions for a virtual officer
        prm = IPrincipalRoleManager(self.app['faculties']['fac1']['dep1'])
        prm.assignRoleToPrincipal('waeup.local.ClearanceOfficer', 'alice')
        return

    def test_iface(self):
        # make sure our StudentPRM really implements required ifaces.
        obj = StudentPrincipalRoleManager(self.student)
        verify.verifyClass(IPrincipalRoleManager,
                           StudentPrincipalRoleManager)
        verify.verifyObject(IPrincipalRoleManager, obj)
        return

    def test_get_as_adapter(self):
        # we can get an StudentPRM for Students by adapter lookup
        prm = IPrincipalRoleManager(self.student)
        self.assertTrue(
            isinstance(prm, StudentPrincipalRoleManager))
        return

    def test_no_officer_set(self):
        # if the faculty/dept. of the connected cert has no local
        # roles set, we won't get any additional roles for our
        # student
        prm = IPrincipalRoleManager(self.student)
        result = prm.getRolesForPrincipal('bob')
        self.assertEqual(result, [])
        return

    def test_valid_officer(self):
        # for an officer that has clearance role on the connected dept
        # we get the ApplicationsOfficer role on our student
        prm = IPrincipalRoleManager(self.student)
        result = prm.getRolesForPrincipal('alice')
        self.assertEqual(result, [(self.officer_role, Allow)])
        return