[PATCH 1 of 1 sherpa] Fix selector of manage view and action

Sylvain Thenault sylvain.thenault at logilab.fr
Fri Feb 24 16:29:00 CET 2017


# HG changeset patch
# User Sylvain Thénault <sylvain.thenault at logilab.fr>
# Date 1487949960 -3600
#      Fri Feb 24 16:26:00 2017 +0100
# Node ID e1f4c31c24146cac5744bbfb2c9dbee0a376f2a0
# Parent  efcc1ab697227a83049628b2c62a8917ed20901b
Fix selector of manage view and action

Without strict=True, predicate is always true because owned_by as some local role.

diff --git a/cubicweb_sherpa/views/management.py b/cubicweb_sherpa/views/management.py
--- a/cubicweb_sherpa/views/management.py
+++ b/cubicweb_sherpa/views/management.py
@@ -26,11 +26,11 @@ from cubes.relationwidget.views import R
 
 class SherpaSecurityManagementView(management.SecurityManagementView):
     """Security view overriden to hide permissions definitions and using a
     RelationFacetWidget to edit owner"""
     __select__ = (management.SecurityManagementView.__select__ &
-                  relation_possible('owned_by', action='add'))
+                  relation_possible('owned_by', action='add', strict=True))
 
     def entity_call(self, entity):
         w = self.w
         w(u'<h1><span class="etype">%s</span> <a href="%s">%s</a></h1>'
           % (entity.dc_type().capitalize(),
@@ -54,11 +54,11 @@ class SherpaSecurityManagementView(manag
         form.render(w=w, display_progress_div=False)
 
 
 actions.ManagePermissionsAction.__select__ = (
     action.Action.__select__ & one_line_rset() & non_final_entity()
-    & relation_possible('owned_by', action='add'))
+    & relation_possible('owned_by', action='add', strict=True))
 
 
 def registration_callback(vreg):
     vreg.register_all(globals().values(), __name__)
     vreg.unregister(management.SecurityManagementView)
diff --git a/test/test_management.py b/test/test_management.py
new file mode 100644
--- /dev/null
+++ b/test/test_management.py
@@ -0,0 +1,42 @@
+# copyright 2017 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# contact http://www.logilab.fr -- mailto:contact at logilab.fr
+#
+# This program is free software: you can redistribute it and/or modify it under
+# the terms of the GNU Lesser General Public License as published by the Free
+# Software Foundation, either version 2.1 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+from cubicweb.devtools.testlib import CubicWebTC
+from cubicweb.web.views import actions
+
+
+class ActionTC(CubicWebTC):
+
+    def test_management(self):
+        with self.admin_access.cnx() as cnx:
+            at = cnx.create_entity('SEDAArchiveTransfer', title=u'hop')
+            self.create_user(cnx, 'user')
+            cnx.commit()
+
+        with self.admin_access.web_request() as req:
+            rset = req.entity_from_eid(at.eid).as_rset()
+            actionsdict = self.pactionsdict(req, rset)
+            self.assertIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+
+        with self.new_access('user').web_request() as req:
+            rset = req.entity_from_eid(at.eid).as_rset()
+            actionsdict = self.pactionsdict(req, rset)
+            self.assertNotIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+
+
+if __name__ == '__main__':
+    import unittest
+    unittest.main()


More information about the saem-devel mailing list