[PATCH 4 of 8 sherpa] [ux] Only display 'manage permissions' action when relevant

Sylvain Thenault sylvain.thenault at logilab.fr
Wed Mar 29 11:59:59 CEST 2017


# HG changeset patch
# User Sylvain Thénault <sylvain.thenault at logilab.fr>
# Date 1490205385 -3600
#      Wed Mar 22 18:56:25 2017 +0100
# Node ID 5a5ff6803bc88725ed8587ba1e149b2b00bb7932
# Parent  ffdaa181f9e71a770ca4d5dd6a62c952bd65e0dc
[ux] Only display 'manage permissions' action when relevant

ie. for scheme, authority record, profiles and archive unit which are not tight
to a profile.

diff --git a/cubicweb_sherpa/views/management.py b/cubicweb_sherpa/views/management.py
--- a/cubicweb_sherpa/views/management.py
+++ b/cubicweb_sherpa/views/management.py
@@ -17,12 +17,12 @@
 """
 
 from logilab.mtconverter import xml_escape
 
 from cubicweb import tags
-from cubicweb.predicates import (authenticated_user, non_final_entity,
-                                 one_line_rset, relation_possible)
+from cubicweb.predicates import (authenticated_user, is_instance, non_final_entity,
+                                 one_line_rset, relation_possible, score_entity)
 from cubicweb.view import EntityView
 from cubicweb.web import action, formwidgets
 from cubicweb.web.formfields import guess_field
 from cubicweb.web.views import actions, management
 
@@ -106,10 +106,13 @@ class SherpaSecurityManagementView(manag
         form.render(w=w, display_progress_div=False)
 
 
 actions.ManagePermissionsAction.__select__ = (
     action.Action.__select__ & one_line_rset() & non_final_entity()
+    & (is_instance('ConceptScheme', 'AuthorityRecord', 'SEDAArchiveTransfer')
+       | (is_instance('SEDAArchiveUnit')
+          & score_entity(lambda x: x.cw_adapt_to('IContained').container is None)))
     & relation_possible('owned_by', action='add', strict=True))
 
 
 def registration_callback(vreg):
     vreg.register_all(globals().values(), __name__)
diff --git a/test/test_management.py b/test/test_management.py
--- a/test/test_management.py
+++ b/test/test_management.py
@@ -15,28 +15,67 @@
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 
 from cubicweb.devtools.testlib import CubicWebTC
 from cubicweb.web.views import actions
 
+import testutils
+
 
 class ActionTC(CubicWebTC):
 
-    def test_management(self):
+    def assertMayManageSecurity(self, req, eid):
+        rset = req.entity_from_eid(eid).as_rset()
+        actionsdict = self.pactionsdict(req, rset)
+        self.assertIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+
+    def assertMayNotManageSecurity(self, req, eid):
+        rset = req.entity_from_eid(eid).as_rset()
+        actionsdict = self.pactionsdict(req, rset)
+        self.assertNotIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+
+    def test_management_profiles(self):
         with self.admin_access.cnx() as cnx:
             at = cnx.create_entity('SEDAArchiveTransfer', title=u'hop')
+            at_unit = testutils.create_archive_unit(at)[0]
+
             self.create_user(cnx, 'user')
+
             cnx.commit()
 
         with self.admin_access.web_request() as req:
-            rset = req.entity_from_eid(at.eid).as_rset()
-            actionsdict = self.pactionsdict(req, rset)
-            self.assertIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+
+            self.assertMayManageSecurity(req, at.eid)
+            self.assertMayNotManageSecurity(req, at_unit.eid)
 
         with self.new_access('user').web_request() as req:
-            rset = req.entity_from_eid(at.eid).as_rset()
-            actionsdict = self.pactionsdict(req, rset)
-            self.assertNotIn(actions.ManagePermissionsAction, actionsdict['moreactions'])
+            self.assertMayNotManageSecurity(req, at.eid)
+
+    def test_management_units(self):
+        with self.admin_access.cnx() as cnx:
+            unit_comp = testutils.create_archive_unit(None, cnx=cnx)[0]
+            cnx.commit()
+
+        with self.admin_access.web_request() as req:
+            self.assertMayManageSecurity(req, unit_comp.eid)
+
+    def test_management_schemes(self):
+        with self.admin_access.cnx() as cnx:
+            scheme = cnx.create_entity('ConceptScheme', title=u'goldorak')
+            concept = scheme.add_concept(u'fulguropoint')
+            cnx.commit()
+
+        with self.admin_access.web_request() as req:
+            self.assertMayManageSecurity(req, scheme.eid)
+            self.assertMayNotManageSecurity(req, concept.eid)
+
+    def test_management_records(self):
+        with self.admin_access.cnx() as cnx:
+            record = testutils.create_authority_record(cnx, u'bob notice')
+            cnx.commit()
+
+        with self.admin_access.web_request() as req:
+            self.assertMayManageSecurity(req, record.eid)
 
 
 if __name__ == '__main__':
     import unittest
     unittest.main()


More information about the saem-devel mailing list