odoo-addon-dms 16.0.1.8.0.3__py3-none-any.whl → 17.0.1.0.0.2__py3-none-any.whl

odoo/addons/dms/tests/test_file.py

@@ -23,78 +23,156 @@ class FileFilestoreTestCase(StorageFileBaseCase):
     def setUpClass(cls):
         super().setUpClass()
         cls.user_a = new_test_user(cls.env, login="user-a", groups="dms.group_dms_user")
+        cls.directory_group_a = cls.create_directory(storage=cls.storage)
+        cls.inaccessible_directory = cls.create_directory(storage=cls.storage)
+        cls.inaccessible_file = cls.create_file(directory=cls.inaccessible_directory)
+        cls.inaccessible_group = cls.access_group_model.create(
+            {
+                "name": "Inaccessible Group. No directory set",
+                "perm_create": True,
+                "explicit_user_ids": [(6, 0, [cls.user_a.id])],
+            }
+        )
+        cls.sub_directory_x = cls.create_directory(directory=cls.directory_group_a)
         cls.group_a = cls.access_group_model.create(
             {
                 "name": "Group A",
                 "perm_create": True,
                 "explicit_user_ids": [(6, 0, [cls.user_a.id])],
+                "directory_ids": [
+                    (4, cls.directory_group_a.id),
+                    (4, cls.sub_directory_x.id),
+                ],
             }
         )
-        cls.directory_group_a = cls.create_directory(storage=cls.storage)
         cls.directory_group_a.group_ids = [(4, cls.group_a.id)]
-        cls.sub_directory_x = cls.create_directory(directory=cls.directory_group_a)
         cls.file2 = cls.create_file(directory=cls.sub_directory_x)
 
+    @users("user-a")
+    def test_unaccessible_file(self):
+        dms_files = self.file_model.with_user(self.env.user).search(
+            [("storage_id", "=", self.storage.id)]
+        )
+        self.assertNotIn(
+            self.inaccessible_file.id,
+            dms_files.ids,
+            msg="User A should not see the unaccessible file since it "
+            "was not granted access to the directory",
+        )
+        self.assertIn(
+            self.file2.id,
+            dms_files.ids,
+            msg="User A should see the file2 since it was granted access to "
+            "the directory",
+        )
+
+    @users("user-a")
+    def test_inaccessible_directory(self):
+        dms_directories = self.directory_model.with_user(self.env.user).search(
+            [("storage_id", "=", self.storage.id)]
+        )
+        self.assertNotIn(
+            self.inaccessible_directory.id,
+            dms_directories.ids,
+            msg="User A should not see the inaccessible directory since "
+            "it was not granted access to the directory",
+        )
+        self.assertIn(
+            self.sub_directory_x.id,
+            dms_directories.ids,
+            msg="User A should see the sub_directory_x since it was granted "
+            "access to the directory",
+        )
+
     @users("user-a")
     def test_file_access(self):
         dms_files = self.file_model.with_user(self.env.user).search(
             [("storage_id", "=", self.storage.id)]
         )
-        self.assertNotIn(self.file.id, dms_files.ids)
-        self.assertIn(self.file2.id, dms_files.ids)
+        self.assertNotIn(self.file.id, dms_files.ids, msg="User A should not see file")
+        self.assertIn(self.file2.id, dms_files.ids, msg="User A should see file2")
         dms_directories = self.directory_model.with_user(self.env.user).search(
             [("storage_id", "=", self.storage.id)]
         )
-        self.assertNotIn(self.directory.id, dms_directories.ids)
-        self.assertIn(self.sub_directory_x.id, dms_directories.ids)
+        self.assertNotIn(
+            self.directory.id,
+            dms_directories.ids,
+            msg="User A should not see directory",
+        )
+        self.assertIn(
+            self.sub_directory_x.id,
+            dms_directories.ids,
+            msg="User A should see sub_directory_x",
+        )
 
     @users("dms-manager", "dms-user")
     @mute_logger("odoo.models.unlink")
     def test_content_file(self):
-        lobject_file = self.create_file(directory=self.directory)
-        self.assertTrue(lobject_file.content)
-        self.assertTrue(lobject_file.content_file)
-        self.assertTrue(lobject_file.with_context(bin_size=True).content)
-        self.assertTrue(lobject_file.with_context(bin_size=True).content_file)
-        self.assertTrue(lobject_file.with_context(human_size=True).content_file)
-        self.assertTrue(lobject_file.with_context(base64=True).content_file)
-        self.assertTrue(lobject_file.with_context(stream=True).content_file)
-        oid = lobject_file.with_context(oid=True).content_file
-        self.assertTrue(oid)
-        lobject_file.with_context(**{"show_content": True}).write(
+        object_file = self.create_file(directory=self.directory)
+        self.assertTrue(object_file.content, msg="Content is not empty")
+        self.assertTrue(object_file.content_file, msg="Content file is not empty")
+        self.assertTrue(
+            object_file.with_context(bin_size=True).content,
+            msg="Content is not empty (with bin_size)",
+        )
+        self.assertTrue(
+            object_file.with_context(bin_size=True).content_file,
+            msg="Content file is not empty (with bin_size)",
+        )
+        self.assertTrue(
+            object_file.with_context(human_size=True).content_file,
+            msg="Content file is not empty (with human_size)",
+        )
+        self.assertTrue(
+            object_file.with_context(base64=True).content_file,
+            msg="Content file is not empty (with base64)",
+        )
+        self.assertTrue(
+            object_file.with_context(stream=True).content_file,
+            msg="Content file is not empty (with stream)",
+        )
+        oid = object_file.with_context(oid=True).content_file
+        self.assertTrue(oid, msg="Content file is not empty (with oid)")
+        object_file.with_context(**{"show_content": True}).write(
             {"content": base64.b64encode(b"\xff new content")}
         )
         self.assertNotEqual(
-            oid, lobject_file.with_context(**{"oid": True}).content_file
+            oid,
+            object_file.with_context(**{"oid": True}).content_file,
+            msg="Content file has changed",
         )
-        self.assertTrue(lobject_file.export_data(["content"]))
-        lobject_file.unlink()
+        self.assertTrue(object_file.export_data(["content"]))
+        object_file.unlink()
 
     def test_content_file_mimetype(self):
         file_svg = self.env.ref("dms.file_05_demo")
-        self.assertEqual(file_svg.mimetype, "image/svg+xml")
+        self.assertEqual(file_svg.mimetype, "image/svg+xml", msg="SVG mimetype")
         file_logo = self.env.ref("dms.file_02_demo")
-        self.assertEqual(file_logo.mimetype, "image/jpeg")
+        self.assertEqual(file_logo.mimetype, "image/jpeg", msg="JPEG mimetype")
 
     def test_content_file_mimetype_magic_library(self):
         if not magic:
             self.skipTest("Without python-magic library installed")
         file_video = self.env.ref("dms.file_10_demo")
-        self.assertEqual(file_video.mimetype, "video/mp4")
+        self.assertEqual(file_video.mimetype, "video/mp4", msg="MP4 mimetype")
 
     def test_content_file_extension(self):
         file_pdf = self.env.ref("dms.file_27_demo")
-        self.assertEqual(file_pdf.extension, "pdf")
+        self.assertEqual(file_pdf.extension, "pdf", msg="PDF extension")
         file_pdf.name = "Document_05"
-        self.assertEqual(file_pdf.extension, "pdf")
+        self.assertEqual(
+            file_pdf.extension, "pdf", msg="PDF extension without extension"
+        )
         file_pdf.name = "Document_05.pdf"
-        self.assertEqual(file_pdf.extension, "pdf")
+        self.assertEqual(file_pdf.extension, "pdf", msg="PDF extension with extension")
 
     def test_wizard_dms_file_move(self):
         file3 = self.create_file(directory=self.sub_directory_x)
         all_files = self.file + self.file2 + file3
         # Error: All files must have the same root directory
-        with self.assertRaises(UserError):
+        with self.assertRaises(
+            UserError, msg="All files must have the same root directory"
+        ):
             self.file_model.with_context(
                 active_ids=all_files.ids
             ).action_wizard_dms_file_move()
@@ -105,7 +183,11 @@ class FileFilestoreTestCase(StorageFileBaseCase):
         ).action_wizard_dms_file_move()
         wizard_model = self.env[res["res_model"]].with_context(**res["context"])
         wizard = wizard_model.create({"directory_id": self.directory.id})
-        self.assertEqual(wizard.count_files, 2)
+        self.assertEqual(wizard.count_files, 2, msg="Wizard has 2 files")
         wizard.process()
-        self.assertEqual(self.file2.directory_id, self.directory)
-        self.assertEqual(file3.directory_id, self.directory)
+        self.assertEqual(
+            self.file2.directory_id, self.directory, msg="File2 has a new directory"
+        )
+        self.assertEqual(
+            file3.directory_id, self.directory, msg="File3 has a new directory"
+        )

odoo/addons/dms/tests/test_file_database.py

@@ -25,29 +25,35 @@ class FileDatabaseTestCase(StorageDatabaseBaseCase):
         self.create_file(directory=root_directory)
         sub_directory = self.create_directory(directory=root_directory)
         self.create_file(sub_directory)
-        self.assertEqual(root_directory.count_total_files, 2)
-        self.assertEqual(sub_directory.count_files, 1)
+        self.assertEqual(root_directory.count_total_files, 2, "Total files should be 2")
+        self.assertEqual(
+            sub_directory.count_files, 1, "Subdirectory total files should be 1"
+        )
 
     @users("dms-manager", "dms-user")
     def test_lock_file(self):
         file = self.create_file(directory=self.directory)
         file.lock()
-        self.assertTrue(file.is_locked)
+        self.assertTrue(file.is_locked, "File should be locked")
         file.unlock()
-        self.assertFalse(file.is_locked)
+        self.assertFalse(file.is_locked, "File should be unlocked")
 
     @users("dms-manager", "dms-user")
     def test_copy_file(self):
         copy_file = self.file.copy()
-        self.assertEqual(self.file.storage_id, copy_file.storage_id)
-        self.assertEqual(self.file.content, copy_file.content)
+        self.assertEqual(
+            self.file.storage_id, copy_file.storage_id, "Storage should be the same"
+        )
+        self.assertEqual(
+            self.file.content, copy_file.content, "Content should be the same"
+        )
 
     @users("dms-manager", "dms-user")
     def test_rename_file(self):
         file = self.create_file(directory=self.directory)
         extension = file.extension
         file.write({"name": "test-%s.jpg" % self.env.user.login})
-        self.assertNotEqual(file.extension, extension)
+        self.assertNotEqual(file.extension, extension, "Extension should be different")
 
     @users("dms-manager", "dms-user")
     def test_move_file(self):
@@ -55,11 +61,15 @@ class FileDatabaseTestCase(StorageDatabaseBaseCase):
         path_names = file.path_names
         file.write({"directory_id": self.directory2.id})
         file.flush_recordset()
-        self.assertNotEqual(path_names, file.path_names)
+        self.assertNotEqual(
+            path_names, file.path_names, "Path names should be different"
+        )
 
     @users("dms-manager", "dms-user")
     def test_move_directory(self):
-        with self.assertRaises(UserError):
+        with self.assertRaises(
+            UserError, msg="Directory can't have any parent, because it is " "root"
+        ):
             self.directory.write(
                 {
                     "is_root_directory": False,
@@ -72,57 +82,73 @@ class FileDatabaseTestCase(StorageDatabaseBaseCase):
     def test_unlink_file(self):
         file = self.create_file(directory=self.directory)
         file.unlink()
-        self.assertFalse(file.exists())
+        self.assertFalse(file.exists(), "File should not exist")
 
     @users("dms-manager", "dms-user")
     def test_compute_thumbnail(self):
-        self.assertTrue(self.file_demo_01.image_128)
+        self.assertTrue(self.file_demo_01.image_128, "Thumbnail should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_path_names(self):
-        self.assertTrue(self.file.path_names)
+        self.assertTrue(self.file.path_names, "Path names should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_path_json(self):
-        self.assertTrue(self.file.path_json)
+        self.assertTrue(self.file.path_json, "Path json should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_mimetype(self):
-        self.assertTrue(self.file.mimetype)
+        self.assertTrue(self.file.mimetype, "Mimetype should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_extension(self):
-        self.assertTrue(self.file.extension)
+        self.assertTrue(self.file.extension, "Extension should be computed")
 
     @users("dms-manager", "dms-user")
     def test_size_calculation(self):
-        self.assertTrue(self.file.size)
+        self.assertTrue(self.file.size, "Size should be computed")
 
     @users("dms-manager", "dms-user")
     def test_checksum_calculation(self):
-        self.assertTrue(self.file.checksum)
+        self.assertTrue(self.file.checksum, "Checksum should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_content(self):
-        self.assertTrue(self.file.with_context(bin_size=True).content)
-        self.assertTrue(self.file.with_context(bin_size=False).content)
+        self.assertTrue(
+            self.file.with_context(bin_size=True).content,
+            "Content should be computed (with bin_size)",
+        )
+        self.assertTrue(
+            self.file.with_context(bin_size=False).content,
+            "Content should be computed (without bin_size)",
+        )
         self.assertNotEqual(
             self.file.with_context(bin_size=False).content,
             self.file.with_context(bin_size=True).content,
+            "Content should be different",
         )
 
     @users("dms-manager", "dms-user")
     def test_compute_save_type(self):
-        self.assertTrue(self.file.save_type)
+        self.assertTrue(self.file.save_type, "Save type should be computed")
 
     @users("dms-manager", "dms-user")
     def test_compute_migration(self):
-        self.assertTrue(self.file.migration)
+        self.assertTrue(self.file.migration, "Migration should be computed")
 
     @users("dms-manager", "dms-user")
     def test_search_panel(self):
-        self.assertTrue(self.file.search_panel_select_range("directory_id"))
-        self.assertTrue(self.file.search_panel_select_multi_range("directory_id"))
-        self.assertTrue(self.file.search_panel_select_multi_range("tag_ids"))
+        self.assertTrue(
+            self.file.search_panel_select_range("directory_id"),
+            "Directory should be selected",
+        )
+        self.assertTrue(
+            self.file.search_panel_select_multi_range("directory_id"),
+            "Directory should be selected",
+        )
+        self.assertTrue(
+            self.file.search_panel_select_multi_range("tag_ids"),
+            "Tag should be selected",
+        )
         res = self.file.search_panel_select_range("directory_id", enable_counters=True)
         self.assertTrue(self.directory2.id == x["id"] for x in res["values"])

odoo/addons/dms/tests/test_portal.py

@@ -2,6 +2,7 @@
 # License LGPL-3.0 or later (http://www.gnu.org/licenses/lgpl)
 
 import odoo.tests
+from odoo.exceptions import AccessError
 from odoo.tests.common import users
 
 from .common import StorageAttachmentBaseCase
@@ -14,10 +15,15 @@ class TestDmsPortal(odoo.tests.HttpCase, StorageAttachmentBaseCase):
         super().setUpClass()
         cls.partner = cls.env.ref("base.partner_demo_portal")
         cls.portal_user = cls.partner.user_ids
+        cls.other_portal_user = cls.other_partner.user_ids
         cls.portal_user.login = "portal"
+        cls.other_portal_user.login = "other_portal"
         cls._create_attachment("test.txt")
+        cls._create_attachment("test2.txt", cls.other_partner)
         cls.directory_partner = cls._get_partner_directory()
+        cls.other_directory_partner = cls._get_partner_directory(cls.other_partner)
         cls.file_partner = cls.directory_partner.file_ids[0]
+        cls.other_file_partner = cls.other_directory_partner.file_ids[0]
 
     def test_access_portal(self):
         self.authenticate("portal", "portal")
@@ -25,54 +31,61 @@ class TestDmsPortal(odoo.tests.HttpCase, StorageAttachmentBaseCase):
         file_text = self.create_file(directory=self.directory_partner)
         url = "%s&access_token=abc-def" % (file_text.access_url)
         response = self.url_open(url, timeout=20)
-        self.assertEqual(response.status_code, 404)
+        self.assertEqual(
+            response.status_code, 404, "Can't access file with incorrect access_token"
+        )
         # 200
         response = self.url_open(self.file_partner._get_share_url(), timeout=20)
-        self.assertEqual(response.status_code, 200)
+        self.assertEqual(
+            response.status_code, 200, "Can access file with correct access_token"
+        )
         # 200
         response = self.url_open(self.directory_partner._get_share_url(), timeout=20)
-        self.assertEqual(response.status_code, 200)
+        self.assertEqual(
+            response.status_code, 200, "Can access directory with correct access_token"
+        )
 
     def test_tour(self):
         for tour in ("dms_portal_mail_tour", "dms_portal_partners_tour"):
             with self.subTest(tour=tour):
-                self.start_tour("/", tour, login="portal")
+                self.start_tour("/my", tour, login="portal")
 
-    def test_permission_flag(self):
-        """Assert portal partner directory and files permissions."""
-        # Superuser can read everything
-        self.assertTrue(self.directory_partner.permission_read)
-        self.assertTrue(self.directory_partner.parent_id.permission_read)
-        self.assertTrue(self.file_partner.permission_read)
-        self.assertEqual(
-            self.directory_partner.parent_id.child_directory_ids, self.directory_partner
-        )
-        # Public user can access only the empty res.partner folder
-        self.directory_partner.with_user(self.public_user).invalidate_recordset()
-        self.assertFalse(
-            self.directory_partner.with_user(self.public_user).permission_read
-        )
-        self.directory_partner.parent_id.with_user(
-            self.public_user
-        ).invalidate_recordset()
-        self.assertTrue(
-            self.directory_partner.parent_id.with_user(self.public_user).permission_read
+    @users("portal")
+    def test_permission_portal_user_access_own_attachment(self):
+        """
+        The user can access its own attachments, even if its access group are not set
+        """
+        # Has to manually su=False because the portal user is not a superuser,
+        # but odoo uses somewhere sudo() internally
+        file = self.file_partner.with_user(self.portal_user).with_env(
+            self.env(su=False)
         )
-        self.file_partner.with_user(self.public_user).invalidate_recordset()
-        self.assertFalse(self.file_partner.with_user(self.public_user).permission_read)
-        self.assertFalse(
-            self.directory_partner.parent_id.with_user(
-                self.public_user
-            ).child_directory_ids
+        directory = self.directory_partner.with_user(self.portal_user).with_env(
+            self.env(su=False)
         )
+        # Portal user can only read
+        file.check_access_rule("read")
+
+        # Portal user can't do anything else
+        with self.assertRaises(AccessError, msg="Portal user should not have access"):
+            file.check_access_rule("write")
+            file.check_access_rule("unlink")
+            directory.check_access_rule("create")
 
     @users("portal")
-    def test_permission_flag_portal_user(self):
-        # Portal user can read everything (because it belongs to him)
-        self.assertTrue(self.directory_partner.permission_read)
-        self.assertTrue(self.directory_partner.parent_id.permission_read)
-        self.assertTrue(self.file_partner.permission_read)
-        self.assertEqual(
-            self.directory_partner.parent_id.child_directory_ids,
-            self.directory_partner,
+    def test_permission_portal_user_access_other_attachment(self):
+        """
+        The user can't access other attachments if its access group are not set
+        """
+        # Has to manually su=False because the portal user is not a superuser,
+        # but odoo uses somewhere sudo() internally
+        file = self.other_file_partner.with_user(self.portal_user).with_env(
+            self.env(su=False)
         )
+        # Portal user can't do anything
+        with self.assertRaises(AccessError, msg="Portal user should not have access"):
+            file.check_access_rule("read")
+        with self.assertRaises(AccessError, msg="Portal user should not have access"):
+            file.check_access_rule("write")
+        with self.assertRaises(AccessError, msg="Portal user should not have access"):
+            file.check_access_rule("unlink")