Back to index

plone3  3.1.7
testPloneFolder.py
Go to the documentation of this file.
00001 #
00002 # PloneFolder tests
00003 #
00004 
00005 from Products.CMFPlone.tests import PloneTestCase
00006 from Products.CMFPlone.tests import dummy
00007 
00008 from Products.CMFPlone.utils import _createObjectByType
00009 import transaction
00010 
00011 from AccessControl import Unauthorized
00012 from Products.CMFCore.permissions import DeleteObjects
00013 
00014 from zExceptions import NotFound
00015 from zExceptions import BadRequest
00016 
00017 
00018 class TestPloneFolder(PloneTestCase.PloneTestCase):
00019 
00020     def afterSetUp(self):
00021         # Create a bunch of subfolders
00022         self.folder.invokeFactory('Folder', id='sub1')
00023         self.folder.invokeFactory('Folder', id='sub2')
00024         self.folder.invokeFactory('Folder', id='sub3')
00025 
00026     def testGetObjectPosition(self):
00027         self.assertEqual(self.folder.getObjectPosition('sub1'), 0)
00028 
00029     def testGetObjectPositionRaisesNotFound(self):
00030         self.assertRaises(NotFound, self.folder.getObjectPosition, 'foobar')
00031 
00032     def testSortOrder(self):
00033         self.assertEqual(self.folder.objectIds(),
00034             ['sub1', 'sub2', 'sub3'])
00035 
00036     def testEditFolderKeepsPosition(self):
00037         # Cover http://dev.plone.org/plone/ticket/2796
00038         self.folder.sub2.folder_edit('Foo', 'Description')
00039         self.assertEqual(self.folder.sub2.Title(), 'Foo')
00040         # Order should remain the same
00041         self.assertEqual(self.folder.objectIds(),
00042             ['sub1', 'sub2', 'sub3'])
00043 
00044     def testRenameFolderKeepsPosition(self):
00045         # Cover http://dev.plone.org/plone/ticket/2796
00046         transaction.savepoint(optimistic=True) # make rename work
00047         self.folder.sub2.folder_edit('Foo', 'Description', id='foo')
00048         self.assertEqual(self.folder.foo.Title(), 'Foo')
00049         # Order should remain the same
00050         self.assertEqual(self.folder.objectIds(),
00051             ['sub1', 'foo', 'sub3'])
00052 
00053     def testCanViewManagementScreen(self):
00054         # Make sure the ZMI management screen works
00055         self.folder.manage_main()
00056 
00057 
00058 class TestCheckIdAvailable(PloneTestCase.PloneTestCase):
00059     # PortalFolder.checkIdAvailable() did not properly catch
00060     # zExceptions.BadRequest.
00061     # Fixed in CMFCore.PortalFolder, not Plone.
00062 
00063     def afterSetUp(self):
00064         _createObjectByType('Large Plone Folder', self.folder, 'lpf')
00065         self.lpf = self.folder.lpf
00066 
00067     def testSetObjectRaisesBadRequest(self):
00068         # _setObject() should raise zExceptions.BadRequest
00069         # on duplicate id.
00070         self.folder._setObject('foo', dummy.Item())
00071         try:
00072             self.folder._setObject('foo', dummy.Item())
00073         except BadRequest:
00074             pass
00075 
00076     def testCheckIdRaisesBadRequest(self):
00077         # _checkId() should raise zExceptions.BadRequest
00078         # on duplicate id.
00079         self.folder._setObject('foo', dummy.Item())
00080         try:
00081             self.folder._checkId('foo')
00082         except BadRequest:
00083             pass
00084 
00085     def testCheckIdAvailableCatchesBadRequest(self):
00086         # checkIdAvailable() should catch zExceptions.BadRequest
00087         self.folder._setObject('foo', dummy.Item())
00088         self.failIf(self.folder.checkIdAvailable('foo'))
00089 
00090     def testLPFSetObjectRaisesBadRequest(self):
00091         # _setObject() should raise zExceptions.BadRequest
00092         # on duplicate id.
00093         self.lpf._setObject('foo', dummy.Item())
00094         try:
00095             self.lpf._setObject('foo', dummy.Item())
00096         except BadRequest:
00097             pass
00098 
00099     def testLPFCheckIdRaisesBadRequest(self):
00100         # _checkId() should raise zExceptions.BadRequest
00101         # on duplicate id.
00102         self.lpf._setObject('foo', dummy.Item())
00103         try:
00104             self.lpf._checkId('foo')
00105         except BadRequest:
00106             pass
00107 
00108     def testLPFCheckIdAvailableCatchesBadRequest(self):
00109         # checkIdAvailable() should catch zExceptions.BadRequest
00110         self.lpf._setObject('foo', dummy.Item())
00111         self.failIf(self.lpf.checkIdAvailable('foo'))
00112 
00113 
00114 class TestFolderListing(PloneTestCase.PloneTestCase):
00115     # Tests for http://dev.plone.org/plone/ticket/3512
00116 
00117     def afterSetUp(self):
00118         self.workflow = self.portal.portal_workflow
00119         # Create some objects to list
00120         self.folder.invokeFactory('Folder', id='sub1')
00121         self.folder.invokeFactory('Folder', id='sub2')
00122         self.folder.invokeFactory('Document', id='doc1')
00123         self.folder.invokeFactory('Document', id='doc2')
00124         self.setupAuthenticator()
00125 
00126     def _contentIds(self, folder):
00127         return [ob.getId() for ob in folder.listFolderContents()]
00128 
00129     def testListFolderContentsOmitsPrivateObjects(self):
00130         self.workflow.doActionFor(self.folder.doc1, 'hide')
00131         self.logout()
00132         self.assertEqual(self._contentIds(self.folder),
00133                          ['sub1', 'sub2', 'doc2'])
00134 
00135     def testListFolderContentsOmitsPrivateFolders(self):
00136         self.workflow.doActionFor(self.folder.sub1, 'hide')
00137         self.logout()
00138         self.assertEqual(self._contentIds(self.folder),
00139                          ['sub2', 'doc1', 'doc2'])
00140 
00141     def testBugReport(self):
00142         # Perform the steps-to-reproduce in the collector issue:
00143 
00144         # 2)
00145         self.folder.invokeFactory('Folder', id='A')
00146         self.workflow.doActionFor(self.folder.A, 'publish')
00147 
00148         self.logout()
00149         self.assertEqual(self._contentIds(self.folder.A), [])
00150 
00151         # 3)
00152         self.login()
00153         self.folder.A.invokeFactory('Document', id='B')
00154         self.folder.A.B.manage_permission('View', ['Manager', 'Reviewer'], acquire=0)
00155 
00156         self.logout()
00157         self.assertEqual(self._contentIds(self.folder.A), [])
00158 
00159         # 4)
00160         self.login()
00161         self.folder.A.invokeFactory('Folder', id='C')
00162         self.folder.A.C.manage_permission('View', ['Manager', 'Reviewer'], acquire=0)
00163 
00164         # Here comes the reported bug:
00165         self.logout()
00166         self.assertEqual(self._contentIds(self.folder.A), ['C']) # <--
00167 
00168         # 4a)
00169         # BUT: removing 'View' is simply not enough!
00170         # When using the workflow all is fine:
00171         self.login()
00172         self.workflow.doActionFor(self.folder.A.C, 'hide')
00173 
00174         self.logout()
00175         self.assertEqual(self._contentIds(self.folder.A), [])
00176 
00177         # -> For folders you also have to remove 'Access contents information'
00178         # -> Never click around in the ZMI security screens, use the workflow!
00179 
00180     def test_folder_contents(self):
00181         self.folder.sub1.invokeFactory('Document', id='sub1doc1')
00182 
00183         contents = self.folder.sub1.getFolderContents()
00184         self.assertEqual(len(contents), 1)
00185         self.assertEqual(contents[0].getId, 'sub1doc1')
00186 
00187         self.failUnless(self.folder.sub1.old_folder_contents())
00188         view = self.folder.sub1.restrictedTraverse("folder_contents")
00189         self.failUnless(view())
00190 
00191         self.folder.sub1.manage_permission('List folder contents', ['Manager'], acquire=0)
00192 
00193         self.assertRaises(Unauthorized, self.folder.sub1.old_folder_contents)
00194         def func():
00195             return self.folder.sub1.restrictedTraverse("folder_contents")
00196         self.assertRaises(Unauthorized, func)
00197 
00198 
00199 class TestManageDelObjects(PloneTestCase.PloneTestCase):
00200     # manage_delObjects should check 'Delete objects'
00201     # permission on contained items.
00202 
00203     def afterSetUp(self):
00204         # Create a bunch of folders
00205         self.folder.invokeFactory('Folder', id='sub1')
00206         self.sub1 = self.folder.sub1
00207         self.sub1.invokeFactory('Folder', id='sub2')
00208         self.sub2 = self.sub1.sub2
00209 
00210     def testManageDelObjects(self):
00211         # Should be able to delete sub1
00212         self.folder.manage_delObjects('sub1')
00213         self.failIf('sub1' in self.folder.objectIds())
00214 
00215     def testManageDelObjectsIfSub1Denied(self):
00216         # Should NOT be able to delete sub1 due to permission checks in
00217         # Archetypes.BaseFolder.manage_delObjects().
00218         self.sub1.manage_permission(DeleteObjects, ['Manager'], acquire=0)
00219         self.assertRaises(Unauthorized, self.folder.manage_delObjects, 'sub1')
00220 
00221     def testManageDelObjectsIfSub2Denied(self):
00222         # We are able to delete sub1 if sub2 is denied
00223         # -> the check is only 1 level deep!
00224         self.sub2.manage_permission(DeleteObjects, ['Manager'], acquire=0)
00225         self.folder.manage_delObjects('sub1')
00226         self.failIf('sub1' in self.folder.objectIds())
00227 
00228 
00229 class TestManageDelObjectsInPortal(PloneTestCase.PloneTestCase):
00230 
00231     def afterSetUp(self):
00232         _createObjectByType('Folder', self.portal, id='sub1')
00233         self.sub1 = self.portal.sub1
00234 
00235     def testManageDelObjects(self):
00236         # Should be able to delete sub1
00237         self.portal.manage_delObjects('sub1')
00238         self.failIf('sub1' in self.portal.objectIds())
00239 
00240     def testManageDelObjectsIfSub1Denied(self):
00241         # Should be able to delete sub1 as the portal does not implement
00242         # additional permission checks.
00243         self.sub1.manage_permission(DeleteObjects, ['Manager'], acquire=0)
00244         self.assertRaises(Unauthorized, self.portal.manage_delObjects, 'sub1')
00245 
00246 
00247 def test_suite():
00248     from unittest import TestSuite, makeSuite
00249     suite = TestSuite()
00250     suite.addTest(makeSuite(TestPloneFolder))
00251     suite.addTest(makeSuite(TestCheckIdAvailable))
00252     suite.addTest(makeSuite(TestFolderListing))
00253     suite.addTest(makeSuite(TestManageDelObjects))
00254     suite.addTest(makeSuite(TestManageDelObjectsInPortal))
00255     return suite