Ignore:
Timestamp:
1 Apr 2015, 08:35:16 (10 years ago)
Author:
Henrik Bettermann
Message:

Skip User Processor if user isn't allowed to manage users.

Location:
main/waeup.kofa/trunk/src/waeup/kofa/browser
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/pages.py

    r12835 r12840  
    10941094        importer_props = []
    10951095        for x in importers:
     1096            # Skip User Processor if user isn't allowed to manage users.
     1097            if x.util_name == 'userprocessor' and not checkPermission(
     1098                'waeup.manageUsers', self.context):
     1099                continue
    10961100            iface_fields = schema.getFields(x.iface)
    10971101            available_fields = []

  • main/waeup.kofa/trunk/src/waeup/kofa/browser/tests/test_browser.py

    r12632 r12840  
    403403        # We add a second certificate course which refers
    404404        # to the same course but at a different level.
    405         self.app['faculties']['fac1']['dep1'].certificates['CERT1'].addCertCourse(
     405        self.app['faculties']['fac1']['dep1'].certificates[
     406            'CERT1'].addCertCourse(
    406407            self.course, level=210)
    407408        # Both certificate courses will be automatically removed when
     
    421422            'faculties']['fac1']['dep1'].certificates['CERT1'])
    422423        return
     424
     425    def test_user_data_import_permission(self):
     426        upload_path = 'http://localhost/app/datacenter/upload'
     427        login_path = 'http://localhost/app/login'
     428        # Create  officer
     429        self.app['users'].addUser('officer', 'officersecret')
     430        self.app['users']['officer'].email = 'mrofficer@foo.ng'
     431        self.app['users']['officer'].title = 'Carlo Pitter'
     432        # Assign role
     433        prm = IPrincipalRoleManager(self.app)
     434        prm.assignRoleToPrincipal('waeup.ImportManager', 'officer')
     435        # Login
     436        self.browser.open(login_path)
     437        self.browser.getControl(name="form.login").value = 'officer'
     438        self.browser.getControl(name="form.password").value = 'officersecret'
     439        self.browser.getControl("Login").click()
     440        self.browser.open(upload_path)
     441        self.assertFalse('User Processor' in self.browser.contents)
     442        # Assign role which is necessary to import user data
     443        prm.assignRoleToPrincipal('waeup.UsersManager', 'officer')
     444        self.browser.open(upload_path)
     445        self.assertTrue('User Processor' in self.browser.contents)
     446        return
Note: See TracChangeset for help on using the changeset viewer.