193 lines
5.5 KiB
Python
193 lines
5.5 KiB
Python
# Copyright (c) 2015, Frappe Technologies Pvt. Ltd. and Contributors
|
|
# License: MIT. See LICENSE
|
|
import frappe, unittest
|
|
from frappe.desk.form.load import getdoctype, getdoc, get_docinfo
|
|
from frappe.core.page.permission_manager.permission_manager import update, reset, add
|
|
from frappe.custom.doctype.property_setter.property_setter import make_property_setter
|
|
from frappe.utils.file_manager import save_file
|
|
|
|
test_dependencies = ['Blog Category', 'Blogger']
|
|
|
|
class TestFormLoad(unittest.TestCase):
|
|
def test_load(self):
|
|
getdoctype("DocType")
|
|
meta = list(filter(lambda d: d.name=="DocType", frappe.response.docs))[0]
|
|
self.assertEqual(meta.name, "DocType")
|
|
self.assertTrue(meta.get("__js"))
|
|
|
|
frappe.response.docs = []
|
|
getdoctype("Event")
|
|
meta = list(filter(lambda d: d.name=="Event", frappe.response.docs))[0]
|
|
self.assertTrue(meta.get("__calendar_js"))
|
|
|
|
def test_fieldlevel_permissions_in_load(self):
|
|
blog = frappe.get_doc({
|
|
"doctype": "Blog Post",
|
|
"blog_category": "-test-blog-category-1",
|
|
"blog_intro": "Test Blog Intro",
|
|
"blogger": "_Test Blogger 1",
|
|
"content": "Test Blog Content",
|
|
"title": "_Test Blog Post {}".format(frappe.utils.now()),
|
|
"published": 0
|
|
})
|
|
|
|
blog.insert()
|
|
|
|
user = frappe.get_doc('User', 'test@example.com')
|
|
|
|
user_roles = frappe.get_roles()
|
|
user.remove_roles(*user_roles)
|
|
user.add_roles('Blogger')
|
|
|
|
blog_post_property_setter = make_property_setter('Blog Post', 'published', 'permlevel', 1, 'Int')
|
|
reset('Blog Post')
|
|
|
|
# test field level permission before role level permissions are defined
|
|
frappe.set_user(user.name)
|
|
blog_doc = get_blog(blog.name)
|
|
|
|
self.assertEqual(blog_doc.published, None)
|
|
|
|
# this will be ignored because user does not
|
|
# have write access on `published` field (or on permlevel 1 fields)
|
|
blog_doc.published = 1
|
|
blog_doc.save()
|
|
|
|
# since published field has higher permlevel
|
|
self.assertEqual(blog_doc.published, 0)
|
|
|
|
# test field level permission after role level permissions are defined
|
|
frappe.set_user('Administrator')
|
|
add('Blog Post', 'Website Manager', 1)
|
|
update('Blog Post', 'Website Manager', 1, 'write', 1)
|
|
|
|
frappe.set_user(user.name)
|
|
blog_doc = get_blog(blog.name)
|
|
|
|
self.assertEqual(blog_doc.name, blog.name)
|
|
# since published field has higher permlevel
|
|
self.assertEqual(blog_doc.published, None)
|
|
|
|
# this will be ignored because user does not
|
|
# have write access on `published` field (or on permlevel 1 fields)
|
|
blog_doc.published = 1
|
|
blog_doc.save()
|
|
|
|
# since published field has higher permlevel
|
|
self.assertEqual(blog_doc.published, 0)
|
|
|
|
frappe.set_user('Administrator')
|
|
user.add_roles('Website Manager')
|
|
frappe.set_user(user.name)
|
|
|
|
doc = frappe.get_doc('Blog Post', blog.name)
|
|
doc.published = 1
|
|
doc.save()
|
|
|
|
blog_doc = get_blog(blog.name)
|
|
# now user should be allowed to read field with higher permlevel
|
|
# (after adding Website Manager role)
|
|
self.assertEqual(blog_doc.published, 1)
|
|
|
|
frappe.set_user('Administrator')
|
|
|
|
# reset user roles
|
|
user.remove_roles('Blogger', 'Website Manager')
|
|
user.add_roles(*user_roles)
|
|
|
|
blog_doc.delete()
|
|
frappe.delete_doc(blog_post_property_setter.doctype, blog_post_property_setter.name)
|
|
|
|
def test_fieldlevel_permissions_in_load_for_child_table(self):
|
|
contact = frappe.new_doc('Contact')
|
|
contact.first_name = '_Test Contact 1'
|
|
contact.append('phone_nos', {'phone': '123456'})
|
|
contact.insert()
|
|
|
|
user = frappe.get_doc('User', 'test@example.com')
|
|
|
|
user_roles = frappe.get_roles()
|
|
user.remove_roles(*user_roles)
|
|
user.add_roles('Accounts User')
|
|
|
|
make_property_setter('Contact Phone', 'phone', 'permlevel', 1, 'Int')
|
|
reset('Contact Phone')
|
|
add('Contact', 'Sales User', 1)
|
|
update('Contact', 'Sales User', 1, 'write', 1)
|
|
|
|
frappe.set_user(user.name)
|
|
|
|
contact = frappe.get_doc('Contact', '_Test Contact 1')
|
|
|
|
contact.phone_nos[0].phone = '654321'
|
|
contact.save()
|
|
|
|
self.assertEqual(contact.phone_nos[0].phone, '123456')
|
|
|
|
frappe.set_user('Administrator')
|
|
user.add_roles('Sales User')
|
|
frappe.set_user(user.name)
|
|
|
|
contact.phone_nos[0].phone = '654321'
|
|
contact.save()
|
|
|
|
contact = frappe.get_doc('Contact', '_Test Contact 1')
|
|
self.assertEqual(contact.phone_nos[0].phone, '654321')
|
|
|
|
frappe.set_user('Administrator')
|
|
|
|
# reset user roles
|
|
user.remove_roles('Accounts User', 'Sales User')
|
|
user.add_roles(*user_roles)
|
|
|
|
contact.delete()
|
|
|
|
def test_get_doc_info(self):
|
|
note = frappe.new_doc("Note")
|
|
note.content = "some content"
|
|
note.title = frappe.generate_hash(length=20)
|
|
note.insert()
|
|
|
|
note.content = "new content"
|
|
# trigger a version
|
|
note.save(ignore_version=False)
|
|
|
|
note.add_comment(text="test")
|
|
|
|
note.add_tag("test_tag")
|
|
note.add_tag("more_tag")
|
|
|
|
# empty attachment
|
|
save_file("test_file", b"", note.doctype, note.name, decode=True)
|
|
|
|
frappe.get_doc({
|
|
"doctype": "Communication",
|
|
"communication_type": "Communication",
|
|
"content": "test email",
|
|
"reference_doctype": note.doctype,
|
|
"reference_name": note.name,
|
|
}).insert()
|
|
|
|
|
|
docinfo = get_docinfo(note)
|
|
|
|
self.assertEqual(len(docinfo.comments), 1)
|
|
self.assertIn("test", docinfo.comments[0].content)
|
|
|
|
self.assertGreaterEqual(len(docinfo.versions), 2)
|
|
|
|
self.assertEqual(set(docinfo.tags.split(",")), {"more_tag", "test_tag"})
|
|
|
|
self.assertEqual(len(docinfo.attachments), 1)
|
|
self.assertIn("test_file", docinfo.attachments[0].file_name)
|
|
|
|
self.assertEqual(len(docinfo.communications), 1)
|
|
self.assertIn("email", docinfo.communications[0].content)
|
|
note.delete()
|
|
|
|
|
|
def get_blog(blog_name):
|
|
frappe.response.docs = []
|
|
getdoc('Blog Post', blog_name)
|
|
doc = frappe.response.docs[0]
|
|
return doc
|