====================================
Functional Testing of the Roles Page
====================================

The test setup has already ensured that we have a number of users available.

    >>> from Products.Five.testbrowser import Browser
    >>> browser = Browser()
    >>> browser.handleErrors = False
    
Let us log all exceptions, which is useful for debugging.

    >>> self.portal.error_log._ignored_exceptions = ()

Anonymous users
---------------

When we log out, we cannot see the "Roles" tab at all.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s' % self.folder.absolute_url())
    
We're not forced to log in and we can view the item. Thus, we have view permission.

    >>> 'Please log in' not in browser.contents
    True
        
We shouldn't see the Sharing tab

    >>> browser.getLink('Roles')
    Traceback (most recent call last):
    ...
    LinkNotFoundError
    
Manager
-------

A Manager should be able to delegate all the accessible roles. Let's also
take this opportunity to delegate some roles so that we can check what the
other roles can do.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'manager'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles').click()

In the beginning, the roles form is empt, because no local roles
have been defined yet.
    
    >>> "Can add" in browser.contents
    False
    >>> "Can edit" in browser.contents
    False
    >>> "Can manage" in browser.contents
    False
    >>> "Can view" in browser.contents
    False

Let's define some local roles.
    
    >>> browser.getControl(name='search_term').value = "groupcontributor"
    >>> browser.getControl(name='form.button.Search').click()
    >>> browser.getControl(name='entries.role_GroupContributor:records').getControl(value='True',index=-1).click()

    >>> browser.getControl(name='search_term').value = "groupeditor"
    >>> browser.getControl(name='form.button.Search').click()
    >>> browser.getControl(name='entries.role_GroupEditor:records').getControl(value='True',index=-1).click()

    >>> #browser.getControl(name='search_term').value = "groupadmin"
    >>> #browser.getControl(name='form.button.Search').click()
    >>> #browser.getControl(name='entries.role_GroupManager:records').getControl(value='True',index=-1).click()
    
    >>> browser.getControl(name='search_term').value = "groupreader"
    >>> browser.getControl(name='form.button.Search').click()
    >>> browser.getControl(name='entries.role_GroupReader:records').getControl(value='True',index=-1).click()

    >>> browser.getControl("Save").click()
    >>> 'Changes saved' in browser.contents
    True

Now that there are local roles, we can see all the roles that can be
assigned.

    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles').click()
    
    >>> "Can add" in browser.contents
    True
    >>> "Can edit" in browser.contents
    True
    >>> "Can manage" in browser.contents
    True
    >>> "Can view" in browser.contents
    True
    
Owner
-----

The owner can access the roles page.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'test_user_1_'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles').click()
    
    >>> "Can manage" in browser.contents
    True
    >>> "Can add" in browser.contents
    True
    >>> "Can edit" in browser.contents
    True
    >>> "Can view" in browser.contents
    True

GroupAdmin
----------

The groupadmin can access the roles page.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'test_user_1_'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles').click()
    
    >>> "Can manage" in browser.contents
    True
    >>> "Can add" in browser.contents
    True
    >>> "Can edit" in browser.contents
    True
    >>> "Can view" in browser.contents
    True

GroupReader
-----------

A groupreader should only be able to view the page, not even get to the
Roles tab.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'groupreader'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles')
    Traceback (most recent call last):
    ...
    LinkNotFoundError

GroupEditor
-----------

A groupeditor should only be able to view the page, not even get to the
Roles tab.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'groupeditor'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles')
    Traceback (most recent call last):
    ...
    LinkNotFoundError

GroupContributor
----------------

A groupcontributor cannot assign any further rights.

    >>> browser.open('%s/logout' % self.portal.absolute_url())
    >>> browser.open('%s/login_form' % self.portal.absolute_url())
    >>> browser.getControl(name='__ac_name').value = 'groupcontributor'
    >>> browser.getControl(name='__ac_password').value = 'secret'
    >>> browser.getControl('Log in').click()
    
    >>> browser.open('%s' % self.folder.absolute_url())
    >>> browser.getLink('Roles').click()
    Traceback (most recent call last):
    ...
    LinkNotFoundError

