Hi
I'm upgrading PloneSurvey to plone 3.3.5, but two tests are still failing.
Essentially the test is checking that an Unauthorized exception is raised
when a method is called as anonymous, as the method is protected with
ModifyPortalContent permission. However, anonymous can call the method fine
without having that permission. Changing the method protection to
declarePrivate also doesn't raise an exception. It looks like the security
context is not checked when called this was through a unit test. The
protection works fine testing manually ttw.
Is there a better way to do this?
Cheers
Michael
The test:
def testCantResetFromResetMethod(self):
"""Ensure user can't reset response from underlying method"""
self.login('survey_user')
s1 = getattr(self.folder, 's1')
s1.setCompletedForUser()
assert len(s1.getRespondentsList()) == 1
self.logout()
self.assertRaises(Unauthorized,
s1.resetForUser,
'survey_user')
The method header:
security.declareProtected(permissions.ModifyPortalContent,
'resetForUser')
def resetForUser(self, userid):
"""Remove answer for a single user"""
_______________________________________________
Product-Developers mailing list
[email protected]
http://lists.plone.org/mailman/listinfo/product-developers
