[832] | 1 | # |
---|
| 2 | # Test moderation behavior |
---|
| 3 | # |
---|
| 4 | |
---|
| 5 | import re |
---|
[3112] | 6 | from Products.CMFCore.utils import getToolByName |
---|
| 7 | from quintagroup.plonecomments.tests.common import addMembers, add2Group |
---|
| 8 | from quintagroup.plonecomments.tests.base import FunctionalTestCase |
---|
| 9 | from quintagroup.plonecomments.tests.config import USERS, DM_USERS_IDS, \ |
---|
| 10 | COMMON_USERS_IDS |
---|
[832] | 11 | |
---|
| 12 | |
---|
| 13 | class TestModeration(FunctionalTestCase): |
---|
| 14 | |
---|
| 15 | def afterSetUp(self): |
---|
| 16 | self.loginAsPortalOwner() |
---|
| 17 | |
---|
| 18 | # Add all users |
---|
| 19 | addMembers(self.portal, USERS) |
---|
| 20 | |
---|
| 21 | # Add users to Discussion Manager group |
---|
| 22 | add2Group(self.portal, 'DiscussionManager', DM_USERS_IDS) |
---|
| 23 | |
---|
| 24 | # Allow discussion for Document |
---|
| 25 | portal_types = getToolByName(self.portal, 'portal_types') |
---|
| 26 | doc_fti = portal_types.getTypeInfo('Document') |
---|
| 27 | doc_fti._updateProperty('allow_discussion', 1) |
---|
| 28 | |
---|
| 29 | # Make sure Documents are visible by default |
---|
[3126] | 30 | self.portal.portal_workflow.setChainForPortalTypes(('Document',), |
---|
| 31 | 'plone_workflow') |
---|
[832] | 32 | |
---|
| 33 | # Add testing documents to portal. Add one document for avery user. |
---|
[3126] | 34 | # For testing behaviors, where made some changes to document state |
---|
| 35 | # it's more usefull. |
---|
[832] | 36 | self.discussion = getToolByName(self.portal, 'portal_discussion', None) |
---|
| 37 | all_users_id = DM_USERS_IDS + COMMON_USERS_IDS |
---|
| 38 | for user_id in all_users_id: |
---|
| 39 | doc_id = 'doc_%s' % user_id |
---|
| 40 | self.portal.invokeFactory('Document', id=doc_id) |
---|
| 41 | doc_obj = getattr(self.portal, doc_id) |
---|
[3126] | 42 | doc_obj.edit(text_format='plain', |
---|
| 43 | text='hello world from %s' % doc_id) |
---|
[832] | 44 | # Create talkback for document and Add comment to doc_obj |
---|
| 45 | self.discussion.getDiscussionFor(doc_obj) |
---|
[3126] | 46 | doc_obj.discussion_reply('A Reply for %s' % doc_id, |
---|
| 47 | 'text of reply for %s' % doc_id) |
---|
[832] | 48 | |
---|
| 49 | ## TEST VIEWING |
---|
| 50 | |
---|
| 51 | def testViewRepliesNotPublishedDMUsers(self): |
---|
| 52 | # All members of DiscussionManager group MUST VIEW comments |
---|
| 53 | doc = getattr(self.portal, 'doc_%s' % DM_USERS_IDS[0]) |
---|
| 54 | for u in DM_USERS_IDS: |
---|
| 55 | self.login(u) |
---|
| 56 | replies = self.discussion.getDiscussionFor(doc).getReplies() |
---|
[880] | 57 | self.failUnless(replies, |
---|
| 58 | "Viewing discussion item forbiden for %s - " |
---|
| 59 | "member of DiscussionManager group" % u) |
---|
[832] | 60 | |
---|
| 61 | def testViewRepliesNotPublishedNotDMUsers(self): |
---|
| 62 | # All common users SHOULD NOT VIEW NOT PUBLISHED comments |
---|
| 63 | doc = getattr(self.portal, 'doc_%s' % DM_USERS_IDS[0]) |
---|
[3126] | 64 | roles = [r['name'] |
---|
| 65 | for r in self.portal.rolesOfPermission('Moderate Discussion') |
---|
| 66 | if r['selected'] == 'SELECTED'] |
---|
| 67 | authorized_users = [user |
---|
| 68 | for user in COMMON_USERS_IDS |
---|
| 69 | if user != 'anonym'] |
---|
| 70 | users_without_md_perm = [u |
---|
| 71 | for u in authorized_users |
---|
| 72 | if filter(lambda x: x not in roles, USERS[u]['roles'])] |
---|
[832] | 73 | for u in users_without_md_perm: |
---|
| 74 | self.logout() |
---|
[3126] | 75 | if not u == 'anonym': |
---|
[832] | 76 | self.login(u) |
---|
| 77 | replies = self.discussion.getDiscussionFor(doc).getReplies() |
---|
[880] | 78 | self.failIf(replies, |
---|
| 79 | "Viewing of NOT published discussion item allow %s - " |
---|
| 80 | "user without 'Moderate Discussion' permission" % u) |
---|
[832] | 81 | |
---|
| 82 | def testViewRepliesPublishedAllUsers(self): |
---|
| 83 | # All users MUST VIEW PUBLISHED comments |
---|
| 84 | # Get any document and publish it's comment |
---|
| 85 | doc = getattr(self.portal, 'doc_%s' % 'dm_admin') |
---|
| 86 | self.login('dm_admin') |
---|
| 87 | di = self.discussion.getDiscussionFor(doc).getReplies()[0] |
---|
| 88 | di.discussion_publish_comment() |
---|
| 89 | |
---|
| 90 | all_users_id = USERS.keys() + ['anonym'] |
---|
| 91 | for u in all_users_id: |
---|
| 92 | self.logout() |
---|
[3126] | 93 | if not u == 'anonym': |
---|
[832] | 94 | self.login(u) |
---|
| 95 | replies = self.discussion.getDiscussionFor(doc).getReplies() |
---|
[880] | 96 | self.failUnless(replies, |
---|
| 97 | "Viewing PUBLISHED discussion item forbiden for %s user" % u) |
---|
[832] | 98 | |
---|
| 99 | ## TEST PUBLISHING |
---|
| 100 | |
---|
| 101 | def testViewPublishButtonNonDMUsers(self): |
---|
| 102 | # Publish button MUST BE ABSENT in document view form |
---|
| 103 | # Pattern for publish button presence checking |
---|
[3126] | 104 | pattern = re.compile('.*<input.+?value="Publish"', re.S | re.M) |
---|
| 105 | roles = [r['name'] |
---|
| 106 | for r in self.portal.rolesOfPermission('Moderate Discussion') |
---|
| 107 | if r['selected'] == 'SELECTED'] |
---|
| 108 | authorized_users = [user |
---|
| 109 | for user in COMMON_USERS_IDS |
---|
| 110 | if user != 'anonym'] |
---|
| 111 | users_without_md_perm = [u |
---|
| 112 | for u in authorized_users |
---|
| 113 | if filter(lambda x: x not in roles, USERS[u]['roles'])] |
---|
[832] | 114 | for u in users_without_md_perm: |
---|
| 115 | self.logout() |
---|
| 116 | auth = "%s:" % u |
---|
[3126] | 117 | if not u == 'anonym': |
---|
[832] | 118 | self.login(u) |
---|
[3126] | 119 | auth = '%s:%s' % (u, USERS[u]['passw']) |
---|
[832] | 120 | doc_id = "doc_%s" % u |
---|
[3126] | 121 | html = str(self.publish(self.portal.id + '/%s' % doc_id, auth)) |
---|
[832] | 122 | m = pattern.match(html) |
---|
[3126] | 123 | self.failIf(m, "Publish button present for %s - user without " |
---|
| 124 | "Moderate Discussion permission" % u) |
---|
[832] | 125 | |
---|
| 126 | """ |
---|
| 127 | def testViewPublishButtonDMUsers(self): |
---|
| 128 | # Publish button MUST PRESENT in document view form |
---|
| 129 | # Pattern for publish button presence checking |
---|
| 130 | pattern = re.compile('.*<input.+?value="Publish"',re.S|re.M) |
---|
[3126] | 131 | # pattern = re.compile('.*<input\\s*class="standalone"\\s*type=' |
---|
| 132 | '"submit"\\s*value="Publish"\\s*/>', re.S|re.M) |
---|
[832] | 133 | for u in DM_USERS_IDS: |
---|
| 134 | self.login(u) |
---|
| 135 | auth = '%s:%s' % (u,USERS[u]['passw']) |
---|
| 136 | doc_id = "doc_%s" % u |
---|
| 137 | html = str(self.publish(self.portal.id+'/%s' % doc_id, auth)) |
---|
| 138 | m = pattern.match(html) |
---|
[3126] | 139 | self.failUnless(m, "Publish button NOT PRESENT for %s - member " |
---|
| 140 | "of DiscussionManager group" % u) |
---|
[832] | 141 | """ |
---|
| 142 | |
---|
| 143 | def testPublishing(self): |
---|
| 144 | # Check whether perform real publishing |
---|
| 145 | # Pattern for publish button presence checking |
---|
[3126] | 146 | pattern = re.compile('.*<input.+?value="Publish"', re.S | re.M) |
---|
[832] | 147 | for u in DM_USERS_IDS: |
---|
| 148 | doc_id = "doc_%s" % u |
---|
| 149 | doc_obj = getattr(self.portal, doc_id) |
---|
| 150 | getReplies = self.discussion.getDiscussionFor(doc_obj).getReplies |
---|
| 151 | # Check whether anonymous get no reply |
---|
| 152 | self.logout() |
---|
[3126] | 153 | self.failIf(getReplies(), |
---|
| 154 | "View not published reply ALLOW for Anonymous") |
---|
| 155 | # Login with actual (tested) user with DiscussionManager role and |
---|
| 156 | # publish discussion |
---|
[832] | 157 | self.login(u) |
---|
[3126] | 158 | self.failUnless(getReplies(), "%s - member of DiscussionManager " |
---|
| 159 | "group NOT VIEW not published reply" % u) |
---|
[832] | 160 | getReplies()[0].discussion_publish_comment() |
---|
| 161 | # Check if Publish button still present in document view page |
---|
| 162 | auth = "%s:" % u |
---|
[3126] | 163 | if not u == 'anonym': |
---|
| 164 | auth = '%s:%s' % (u, USERS[u]['passw']) |
---|
| 165 | html = str(self.publish(self.portal.id + '/%s' % doc_id, auth)) |
---|
[832] | 166 | m = pattern.match(html) |
---|
[3126] | 167 | self.failIf(m, "Publish button present for %s - DiscussionManager " |
---|
| 168 | "role user after publishing" % u) |
---|
[832] | 169 | # Check whether Anonym view published reply |
---|
| 170 | self.logout() |
---|
[880] | 171 | self.failUnless(getReplies(), |
---|
| 172 | "%s - member of DiscussionManager group NOT PUBLISH reply" % u) |
---|
[832] | 173 | |
---|
| 174 | ## TEST DELETING |
---|
| 175 | |
---|
| 176 | """ |
---|
| 177 | def testViewDeleteButtonNonDMUsers(self): |
---|
| 178 | # Check Delete reply button presense ONLY for PUBLISHED reply. |
---|
[3126] | 179 | # Because of NOT PUBLUISHED replies is not visible at all for common |
---|
| 180 | # users. |
---|
| 181 | # Delete reply button in document view form MUST BE ABSENT for all |
---|
| 182 | # EXCEPT manager. |
---|
[832] | 183 | # Publish replies |
---|
| 184 | self.logout() |
---|
| 185 | self.login('dm_admin') |
---|
| 186 | for u in COMMON_USERS_IDS: |
---|
| 187 | doc_id = "doc_%s" % u |
---|
| 188 | doc_obj = getattr(self.portal, doc_id) |
---|
| 189 | reply = self.discussion.getDiscussionFor(doc_obj).getReplies()[0] |
---|
| 190 | reply.discussion_publish_comment() |
---|
| 191 | # Prepare pattern for delete reply button presence checking |
---|
[3126] | 192 | pattern = re.compile('.*<input\\s*class="destructive"\\s*type="submit"' |
---|
| 193 | '\\s*value="Remove"\\s*/>', re.S|re.M) |
---|
[832] | 194 | for u in COMMON_USERS_IDS: |
---|
| 195 | self.logout() |
---|
| 196 | auth = "%s:" % u |
---|
| 197 | if not u=='anonym': |
---|
| 198 | self.login(u) |
---|
| 199 | auth = '%s:%s' % (u,USERS[u]['passw']) |
---|
| 200 | doc_id = "doc_%s" % u |
---|
| 201 | html = str(self.publish(self.portal.id+'/%s' % doc_id, auth)) |
---|
| 202 | m = pattern.match(html) |
---|
| 203 | if not u=='anonym' and 'Manager' in USERS[u]['roles']: |
---|
[3126] | 204 | self.failUnless(m, "%s - user with Manager role NOT VIEW " |
---|
| 205 | "Delete reply button for published reply on document " |
---|
| 206 | "view form" % u) |
---|
[832] | 207 | else: |
---|
[3126] | 208 | self.failIf(m, "%s - user without Manager role CAN VIEW " |
---|
| 209 | "Delete reply button for published reply on document " |
---|
| 210 | "view form" % u) |
---|
[832] | 211 | """ |
---|
| 212 | |
---|
| 213 | def testDeleting(self): |
---|
| 214 | # Manager with DiscussionManager role CAN delete ANY REPLY. |
---|
[3126] | 215 | # Manager without DiscussionManager role [common manager] CAN delete |
---|
| 216 | # ONLY PUBLISHED REPLY. |
---|
[832] | 217 | # Get Managers |
---|
| 218 | managers = [u for u in USERS.keys() if 'Manager' in USERS[u]['roles']] |
---|
| 219 | dm_man = [u for u in managers if u.startswith('dm_')][0] |
---|
| 220 | common_man = [u for u in managers if not u.startswith('dm_')][0] |
---|
| 221 | # Publish document for common manager |
---|
| 222 | self.login(dm_man) |
---|
| 223 | doc_obj = getattr(self.portal, "doc_%s" % common_man) |
---|
| 224 | reply = self.discussion.getDiscussionFor(doc_obj).getReplies()[0] |
---|
| 225 | reply.discussion_publish_comment() |
---|
| 226 | # Check for really deleting |
---|
| 227 | for u in managers: |
---|
| 228 | self.login(u) |
---|
| 229 | doc_id = "doc_%s" % u |
---|
| 230 | doc_obj = getattr(self.portal, doc_id) |
---|
| 231 | getReplies = self.discussion.getDiscussionFor(doc_obj).getReplies |
---|
[3126] | 232 | self.failUnless(getReplies(), "%s - user with Manager role not " |
---|
| 233 | "view discussion reply" % u) |
---|
[832] | 234 | getReplies()[0].deleteDiscussion() |
---|
[3126] | 235 | self.failIf(getReplies(), "%s - user with Manager role not really " |
---|
| 236 | "delete discussion" % u) |
---|
[832] | 237 | |
---|
| 238 | |
---|
| 239 | def test_suite(): |
---|
| 240 | from unittest import TestSuite, makeSuite |
---|
| 241 | suite = TestSuite() |
---|
| 242 | suite.addTest(makeSuite(TestModeration)) |
---|
| 243 | return suite |
---|